Hi, sorry, just seeing this.
I think
this is the earlier comment Ecmandu is talking about.
TLDR: We don't use encryption, traffic to the site passes through a third party, and we don't have certificates that establish that we are who we say we are. I don't think any of that is a problem, but Google does.
Encryption: there's no encryption (connection to ILP uses HTTP and not HTTPS), packets passed back and forth between your computer and ILP's server could in theory be intercepted.
Traffic passes through a third party: we use Cloudflare to protect against DDOS attacks. They are reputable, but this may be flagged as sketchy without a certificate or something else to show it's intended.
We don't have certificates: I don't fully understand how this works or what it does, but it's something to do with proving who we are. For example, if you are giving your bank details to a website, you want to be sure it's your bank, and there are third party services that make that happen. It's much less crucial here, it costs money, and I don't know how to set it up.
Google is probably right to make that kind of warning prominent, but it does favor larger, more sophisticated operations over hobbyist sites like ILP. You aren't being hacked, you aren't going to get viruses (if ILP served viruses, Google would flag that differently and yet more prominently), but you shouldn't share very sensitive info through ILP.
User Control Panel > Board preference > Edit display options > Display signatures: No.