# 30964: Campaign rejected: non-secured URL (http://) detected

Log Type: APPLICATION

Log Level: ERROR

## Description

Your A2P 10DLC campaign was rejected because it contains URLs that use the insecure HTTP protocol instead of HTTPS. All URLs included in A2P 10DLC campaigns, whether in sample messages, campaign descriptions, or opt-in flows, must use HTTPS to ensure encrypted communication between consumers and your website. Non-secured HTTP URLs expose consumers to man-in-the-middle attacks and data interception.

### Possible causes

* **HTTP URLs in sample messages:** One or more sample messages contain URLs using `http://` instead of `https://`.
* **Non-secured website URL in campaign registration:** The website URL provided during campaign registration uses HTTP rather than HTTPS.
* **Mixed content on landing page:** While the main URL may use HTTPS, the landing page loads resources or redirects through insecure HTTP connections.

### Possible solutions

* The rejected campaign is **not eligible for resubmission**. Campaign URLs must use HTTPS to protect consumer security and privacy.
* Ensure your website has a valid SSL/TLS certificate installed and that all URLs in your campaign use `https://` before registering a new campaign.
* If you believe this rejection was made in error, [contact support](https://support.twilio.com).

### Additional resources

* [A2P 10DLC Registration Guide](/docs/messaging/compliance/a2p-10dlc)
* [Campaign Registration Best Practices](https://help.twilio.com/hc/en-us/articles/11847054539547-A2P-10DLC-Campaign-Approval-Best-Practices)