Practical Security Guides For Your Team

Your website's security certificate has expired. Think of it like an ID badge with a past-due date — browsers check this badge every time someone visits, and when it's expired, they show a full-screen warning telling visitors your site is unsafe. Most people will leave immediately rather than click through.

Your server's encryption setup has a misconfiguration in how it handles a specific downgrade-prevention signal. When a browser tries to detect whether someone is tampering with its connection, your server responds with the wrong error — like a smoke detector that beeps when you test it, but with the wrong tone. The protection may still be partially in place, but the server isn't behaving according to the standard, which can confuse security tools and warrants a closer look.

Your server is using a self-signed security certificate — one that you (or your server) created yourself, rather than one issued by a trusted authority. Browsers treat this the same way they'd treat a badge someone printed at home: it might look official, but there's no independent body vouching for it. Visitors to your site will see a security warning, and some browsers may block access entirely.

Your server still supports TLS 1.0, an old encryption standard from 1999 that has a known weakness called BEAST. Think of it like a lock on your front door that was recalled years ago — it still works most of the time, but security experts have shown it can be picked under the right conditions. Modern browsers and servers have largely worked around this flaw on their end, but the safest fix is to retire the old protocol on your server entirely.