Third-Party Plugins Causing HTTP Issues


Karah Blandford, Account Specialist at Ontario SEO
Karah Blandford
April 24, 2020
Website Not Secure

If you’ve ever used a Facebook Feed plugin on your website, you may have run into an issue with your website appearing as “unsecure”, even if you have taken the steps to move from HTTP to HTTPS.

Google Chrome recently made the security status of a website more apparent by including a padlock in the far left-hand side of the browser bar:

Insecure site with padlock

With this change came a lot of concern from businesses who don’t have a “secure” website, worried that users would be hesitant to visit a website with this status.

The truth is, there are a lot of ways to hack into data being transferred via http. The main thing to note is that it is not really a problem when watching videos or scrolling through a website, but it is a problem if you need to protect the data being sent.

Insecure site

In any case, an unsecure website can raise red flags with users, so it is best practice to go ahead with the switch from HTTP to HTTPS. The switch is fairly easy to implement and can be make or break when it comes to a user’s perceptions of what “secure” vs. “unsecure” might mean.

In addition to raising red flags with users, having an HTTPS website is a ranking factor in Google’s algorithm. As websites are deemed more secure being HTTPS, they also gain a small ranking benefit due to the security aspects. Therefore, it is crucial to ensure your website maintains an HTTPS status from a user trust standpoint as well as an SEO one.

Facebook Feeds Can Make Your Website Appear “Unsecure”

Third-party plugins used on your website can cause a secure website to appear as unsecure depending on the plugin. This was something that we noticed when one of our client’s websites was appearing as HTTP in the Google Search Engine.

We were able to pinpoint the issue to the plugin being used on the client’s home page. The Facebook Feed was pulling in images from their Facebook posts that were not HTTPS, rendering the entire page “unsecure”. The plugin was loading the images from a third-party URL and serving the page to users as unsecure HTTP.

If you have put in the effort to make your website secure with HTTPS, it is worth the battle to find a plugin that loads images security via HTTPS.

Have more questions? Reach out to us and we’d be happy to help diagnose any issues you are having, or help you make the switch to a secure website.