Design & Development

Google Analytics’ Security Warnings

The subject of security warnings with Google Analytics is one that has been frequently brought up by our readers, and was something that I ran into when I launched an earlier Practical eCommerce website. The issue is that occasionally someone will install Google Analytics on their site only to find that users are getting errors about “both secure and unsecure” information on the page. Whether you understand that or not, it is not conducive to making an online sale.

Install the Tracking Code

When installing Google Analytics, someone needs to place two small pieces of JavaScript code on each page of the site they want to track. The first downloads a library of JavaScript functions that are used, and the second contains unique information about your Google account and calls some tracking functions. The error is generated by the first script, which accesses the server “” for the JavaScript library. You will notice that this server is not secure, and is the one to blame for security warnings.

Luckily, the solution is quite simple. For the pages on your site that are secured by an SSL certificate, you need to place a different piece of code to install Google Analytics. You can get the correct piece of code for your account by logging in to your Google Analytics account, and selecting “edit” next to the website profile that you want to use. Choose to edit the URL at the top of that page, and replace the “http://” with “https://”, which will tell Analytics your site is secure. Save the changes and click “account status” for that website profile to get the new JavaScript code to install on secure pages only.

Notice that the server the browser now gets the JavaScript library from is “” and the secure pages no longer generate a security warning.

Brian Getting
Brian Getting
Bio   •   RSS Feed