My website is not secured : Forums : PythonAnywhere

My website is not secured

i'm using the free account option and after deploying, I get "not secured" at the address bar next to the url. Is that supposed to be normal?

deleted-user-2282342 | 3 posts | Dec. 27, 2017, 1 p.m. | permalink

that sounds like it's because you have http content inside of a https website (eg: say one of your pictures is loaded over http)

conrad | 4232 posts | PythonAnywhere staff | Dec. 27, 2017, 4:59 p.m. | permalink

How is one to go about in fixing it? I mean, I have the same problem as a PAID member and I'm creating a social media website, of all web addresses to say "not secure"

deleted-user-3276445 | 3 posts | Jan. 2, 2018, 11:17 a.m. | permalink

i forced ssl and now it has a red "not secure"! Help me please!

deleted-user-3276445 | 3 posts | Jan. 2, 2018, 11:23 a.m. | permalink

Hi there, your issue is slightly different from the OP. You need an SSL certificate. More info here: https://help.pythonanywhere.com/pages/SSLOwnDomains/

harry | 2710 posts | PythonAnywhere staff | Jan. 2, 2018, 11:24 a.m. | permalink

I am having the same problem. I am using a free account and i don't think I am using any other http content on the website. What else could be the problem?

deleted-user-5255156 | 1 post | March 4, 2019, 4:24 a.m. | permalink

If you go to http://bharathanmudaliar.pythonanywhere.com/ it will show up as insecure. https://bharathanmudaliar.pythonanywhere.com/ it will show up as secure.

If you want to always redirect to https, you can do it yourself in your code, or you can use our webapp config "Force HTTPS" option.

conrad | 4232 posts | PythonAnywhere staff | March 4, 2019, 11:18 a.m. | permalink

My account is a free account. I tried to 'Force HTTPS' on my web configuration page, but it is not getting enabled. The slider remains 'Disabled'. What would be the problem?

tdkrishnan | 2 posts | May 25, 2020, 10:51 a.m. | permalink

When you clicked on the slider did it change from disabled to enabled? (that is what it should do- I wonder if perhaps you weren't clicking on the right side of the slider)

conrad | 4232 posts | PythonAnywhere staff | May 26, 2020, 3:15 a.m. | permalink

It worked!! Thanks, @conrad!!! All the time I was clicking on the blank area, assuming the slider will move to the clicked side.

tdkrishnan | 2 posts | May 27, 2020, 2:19 a.m. | permalink

Mine won't even let me log in and brings up errors about a not secure notification. I did move the slider so it says enabled. What else could I be missing? Thanks.

deleted-user-9346172 | 1 post | Jan. 17, 2021, 2:27 p.m. | permalink

Did you reload your web app after making the change? Are you accessing the site using https?

glenn | 9718 posts | PythonAnywhere staff | Jan. 17, 2021, 2:50 p.m. | permalink

It worked for me! I just enabled the "force https" slider and now, after reloading the website on the web app page, it shows as a secure website.

Zivesanywhere | 1 post | Dec. 13, 2022, 3:53 p.m. | permalink

Yes, that will work well! The only time that "Force HTTPS" is a bad idea is if you've just created a website on a custom domain (that is, one that doesn't end with .pythonanywhere.com) and you haven't set up an HTTPS certificate.

giles | 12074 posts | PythonAnywhere staff | Dec. 14, 2022, 3:07 a.m. | permalink