What Square.space Logo

How to Make Your Squarespace Site SSL Secure (It's Easier Than You Think)

Last Updated: Apr 21 2026 By Lindsey
Squarespace Monetization and Business Features
Contents [Show]
You want to make sure your Squarespace site is SSL secure - the good news is that Squarespace provides free SSL certificates automatically on every site, but you still need to verify it's active and fix any mixed content issues. Squarespace includes free SSL certificates from Let's Encrypt on every plan starting at $16/month. SSL encrypts the connection between your site and visitors, protecting form submissions, login data, and checkout information. HTTPS is also a confirmed Google ranking factor. SSL activation is automatic but can take up to 72 hours after connecting a domain.
This guide covers how to verify SSL is active on your Squarespace site, fix mixed content warnings, enable HSTS, and set up canonical URLs for SEO.
How to Make Your Squarespace Site SSL Secure (It's Easier Than You Think)

You know that little padlock in the browser bar? The one next to "https"? That's SSL. If your Squarespace site doesn't have it, Google flags it, visitors get nervous, and your site looks untrustworthy.

SSL (Secure Sockets Layer) encrypts the connection between your site and its visitors. It protects form submissions, login data, checkout info - everything. Squarespace provides free SSL certificates for every site. And it's almost automatic.

How to Make Sure SSL Is Working on Your Squarespace Site

Step 1: Enable SSL in Settings

  1. Go to your Squarespace Dashboard
  2. Click Settings > Advanced > SSL
  3. Set Security Preference to Secure (Preferred)
  4. Make sure SSL is set to ON
  5. Save your changes

This activates the SSL certificate provided by Let's Encrypt.

Step 2: Wait for Activation

SSL certificates on Squarespace usually activate within a few minutes - but in some cases, it can take up to 72 hours (especially if your domain was just connected).

In the meantime:

  • Visit your site at https://yourdomain.com
  • Don't force redirects or edit DNS during this time

If the padlock shows in the browser bar, you're good.

Step 3: Fix Mixed Content Warnings

If your site says "Not Secure" even after SSL is enabled, you might have mixed content - meaning you're trying to load insecure (http) assets on a secure (https) page.

Here's how to fix it:

  • Go to Settings > Advanced > SSL
  • Turn on HSTS and Force HTTPS
  • In Design > Custom CSS or any Code Blocks, search for any links starting with http://
  • Update them to https:// or use relative URLs (no http/https at all)
  • Double-check all image embeds, video URLs, and third-party scripts

Step 4: Use HTTPS Everywhere

Update all your internal links:

  • In navigation menus
  • Inside buttons
  • Within blog content

Make sure every link starts with https:// to avoid unnecessary warnings or redirects.

Step 5: Set Canonical URLs

To avoid SEO confusion between HTTP and HTTPS versions of your site:

  1. Go to Settings > SEO > Site Visibility
  2. Confirm that your canonical URL is set to the HTTPS version
  3. Submit your HTTPS site to Google Search Console

Why SSL Matters

  • Security: Encrypts data between your site and visitors - protects forms, payments, and login credentials
  • Trust: The padlock icon tells visitors your site is secure - they're more likely to stay, sign up, and buy
  • SEO: HTTPS is a confirmed Google ranking factor - sites without SSL may rank lower
  • Compliance: Required for processing payments and handling personal data under GDPR and other regulations

Bottom Line

SSL isn't just a security feature - it's a trust signal. Squarespace makes it easy with free, automatic SSL certificates on every site. But you still need to check the settings, fix mixed content, and make sure every link uses HTTPS. Ten minutes of effort for a secure site that visitors and search engines trust.

Frequently Asked Questions

Does Squarespace include free SSL?

Yes. Every Squarespace site gets a free SSL certificate from Let's Encrypt, included on all plans. It activates automatically when you connect your domain, usually within minutes but sometimes up to 72 hours.

How do I check if my Squarespace site has SSL?

Visit your site at https://yourdomain.com. If you see a padlock icon in the browser address bar, SSL is active. If you see "Not Secure," check Settings > Advanced > SSL and make sure it's turned on with Security Preference set to "Secure (Preferred)."

What is a mixed content warning on Squarespace?

Mixed content means your HTTPS page is trying to load some resources (images, scripts, embeds) over insecure HTTP. This triggers a "Not Secure" warning even though SSL is enabled. Fix it by updating all URLs to https:// in code blocks, custom CSS, and embedded content.

What is HSTS on Squarespace?

HSTS (HTTP Strict Transport Security) tells browsers to always use HTTPS when connecting to your site. Enable it in Settings > Advanced > SSL alongside Force HTTPS. This prevents any insecure connections and improves security.

Does SSL affect SEO on Squarespace?

Yes. HTTPS is a confirmed Google ranking factor. Sites with SSL enabled may rank higher than identical sites without it. SSL also improves user trust and reduces bounce rates, both of which indirectly benefit SEO.

How long does SSL take to activate on Squarespace?

Usually a few minutes. In some cases - especially when you've just connected a new domain - it can take up to 72 hours. Don't make DNS changes during this waiting period. Check back by visiting your site at https://yourdomain.com.
Start Your Squarespace Website
Keep Reading

* Read the rest of the post and open up an offer
Top