This article will explain why you may see a Not Secure pop-up on your site. 

Explanation

Your site may not automatically redirect users to the secure (HTTPS) version. This means that any user who visits your site will see a Not Secure message, depending on the web browser.

When users view your site securely (using HTTP), the content of the site is encrypted when it is sent to and from the user's computer or device. This prevents an intermediary from observing the content that the user is browsing. 

If the user browses the site insecurely (using HTTP), the content is transmitted without encryption. A third party could then read that information during transmission. This is not an issue with normal web content, but any submitted information (names, email addresses, personal information, etc.) should be transmitted securely.

Read more about the Benefits of HTTPS, but this is the main difference between the Secure and Not Secure versions of the Page.

Solution

• You can enable Always SSL, but it is recommended to Download a Mixed Content Report and Address Items in a Mixed Content Report before you Enable HTTPS by Default. If you would like help with this, please contact our Technical Support Team.