diff --git a/cfg/conf.sample.php b/cfg/conf.sample.php
index fba5df8..b195e2a 100644
--- a/cfg/conf.sample.php
+++ b/cfg/conf.sample.php
@@ -77,6 +77,9 @@ languageselection = false
 ; sha256 in HMAC for the deletion token
 zerobincompatibility = false
 
+; enable or disable the warning message when the site is served over HTTP instead of HTTPS, defaults to true
+httpwarning = true
+
 [expire]
 ; expire value that is selected per default
 ; make sure the value exists in [expire_options]
diff --git a/css/bootstrap/privatebin.css b/css/bootstrap/privatebin.css
index 8355ac3..1c7bc28 100644
--- a/css/bootstrap/privatebin.css
+++ b/css/bootstrap/privatebin.css
@@ -81,12 +81,11 @@ body.loading {
 }
 
 .dragAndDropFile{
-        color:#777;
-        font-size:1em;
-        display:inline;
+	color:#777;
+	font-size:1em;
+	display:inline;
 }
 
-
 #deletelink {
 	float: right;
 	margin-left: 5px;
diff --git a/css/privatebin.css b/css/privatebin.css
index 5dab6c0..c7124e2 100644
--- a/css/privatebin.css
+++ b/css/privatebin.css
@@ -290,9 +290,9 @@ input {
 
 #ienotice a { color: #000; }
 
-#oldienotice { display: none; }
+#oldnotice, #httpnotice { display: none; }
 
-.errorMessage {
+#errormessage, .errorMessage {
 	background-color: #f77 !important;
 	color:#ff0;
 }
diff --git a/js/privatebin.js b/js/privatebin.js
index ca57eb5..5b39658 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -1651,7 +1651,6 @@ jQuery.PrivateBin = (function($, RawDeflate) {
          */
         me.hideMessages = function()
         {
-            // also possible: $('.statusmessage').addClass('hidden');
             $statusMessage.addClass('hidden');
             $errorMessage.addClass('hidden');
         };
@@ -4672,7 +4671,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
             }
 
             if (isInsecureConnection()) {
-                Alert.showError('This website is using an insecure HTTP connection! Please use it only for testing.');
+                $('#httpnotice').toggle(true);
             }
 
             return true;
diff --git a/lib/Configuration.php b/lib/Configuration.php
index b6d7c41..8202c93 100644
--- a/lib/Configuration.php
+++ b/lib/Configuration.php
@@ -55,6 +55,7 @@ class Configuration
             'icon'                     => 'identicon',
             'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\' \'unsafe-eval\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; Referrer-Policy: \'no-referrer\'; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals',
             'zerobincompatibility'     => false,
+            'httpwarning'              => true,
         ),
         'expire' => array(
             'default' => '1week',
diff --git a/lib/Controller.php b/lib/Controller.php
index 142bb5b..09b257a 100644
--- a/lib/Controller.php
+++ b/lib/Controller.php
@@ -386,6 +386,7 @@ class Controller
         $page->assign('EXPIREDEFAULT', $this->_conf->getKey('default', 'expire'));
         $page->assign('URLSHORTENER', $this->_conf->getKey('urlshortener'));
         $page->assign('QRCODE', $this->_conf->getKey('qrcode'));
+        $page->assign('HTTPWARNING', $this->_conf->getKey('httpwarning'));
         $page->draw($this->_conf->getKey('template'));
     }
 
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index 9f2ff4f..c908cae 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -72,7 +72,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-M0NIZDkl5ZzzzG1ISZjgrgKr2jMDZ7EeTfVAgj7YkkbU83pAddjfkjlak9dp5KsMZYFDw62052a+bT+PPJhMCA==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-nuGweMxu6IG9HcczL7tf6dhR2vGKVaYuv7yC7ap+WsUnI6TMrdyQiT1dZG/k9JvnvW+ptJ+bFkuHpgec1gZ/DA==" crossorigin="anonymous"></script>
 		<!--[if IE]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
 		<![endif]-->
@@ -440,11 +440,11 @@ if ($FILEUPLOAD):
 <?php
 endif;
 ?>
-				<div id="status" role="alert" class="statusmessage alert alert-info<?php echo empty($STATUS) ? ' hidden' : '' ?>">
+				<div id="status" role="alert" class="alert alert-info<?php echo empty($STATUS) ? ' hidden' : '' ?>">
 					<span class="glyphicon glyphicon-info-sign" aria-hidden="true"></span>
 					<?php echo htmlspecialchars($STATUS), PHP_EOL; ?>
 				</div>
-				<div id="errormessage" role="alert" class="statusmessage<?php echo empty($ERROR) ? ' hidden' : '' ?> alert alert-danger">
+				<div id="errormessage" role="alert" class="<?php echo empty($ERROR) ? 'hidden' : '' ?> alert alert-danger">
 					<span class="glyphicon glyphicon-alert" aria-hidden="true"></span>
 					<?php echo htmlspecialchars($ERROR), PHP_EOL; ?>
 				</div>
@@ -465,6 +465,16 @@ endif;
 					<a href="https://www.opera.com/">Opera</a>,
 					<a href="https://www.google.com/chrome">Chrome</a>…
 				</div>
+<?php
+if ($HTTPWARNING):
+?>
+				<div id="httpnotice" role="alert" class="hidden alert alert-danger">
+					<span class="glyphicon glyphicon-alert" aria-hidden="true"></span>
+					<?php echo I18n::_('This website is using an insecure HTTP connection! Please use it only for testing.'), PHP_EOL; ?>
+				</div>
+<?php
+endif;
+?>
 				<div id="pastesuccess" role="alert" class="hidden alert alert-success">
 					<span class="glyphicon glyphicon-ok" aria-hidden="true"></span>
 					<div id="deletelink"></div>
@@ -502,7 +512,7 @@ endif;
 				</div>
 			</section>
 			<section class="container">
-				<div id="noscript" role="alert" class="nonworking alert alert-info noscript-hide">
+				<div id="noscript" role="alert" class="alert alert-info noscript-hide">
 					<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
 					<?php echo I18n::_('Loading…'); ?><br />
 					<span class="small"><?php echo I18n::_('In case this message never disappears please have a look at <a href="https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away">this FAQ for information to troubleshoot</a>.'); ?></span>
diff --git a/tpl/page.php b/tpl/page.php
index a552e80..a571cdb 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -50,7 +50,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-M0NIZDkl5ZzzzG1ISZjgrgKr2jMDZ7EeTfVAgj7YkkbU83pAddjfkjlak9dp5KsMZYFDw62052a+bT+PPJhMCA==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-nuGweMxu6IG9HcczL7tf6dhR2vGKVaYuv7yC7ap+WsUnI6TMrdyQiT1dZG/k9JvnvW+ptJ+bFkuHpgec1gZ/DA==" crossorigin="anonymous"></script>
 		<!--[if IE]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
 		<![endif]-->
@@ -84,6 +84,13 @@ endif;
 				<a href="https://www.opera.com/">Opera</a>,
 				<a href="https://www.google.com/chrome">Chrome</a>…
 			</div>
+<?php
+if ($HTTPWARNING):
+?>
+			<div id="httpnotice" class="errorMessage"><?php echo I18n::_('This website is using an insecure HTTP connection! Please use it only for testing.'); ?></div>
+<?php
+endif;
+?>
 		</header>
 		<section>
 			<article>
diff --git a/tst/ViewTest.php b/tst/ViewTest.php
index 4437344..cde7c1b 100644
--- a/tst/ViewTest.php
+++ b/tst/ViewTest.php
@@ -55,6 +55,7 @@ class ViewTest extends PHPUnit_Framework_TestCase
         $page->assign('EXPIREDEFAULT', self::$expire_default);
         $page->assign('URLSHORTENER', '');
         $page->assign('QRCODE', true);
+        $page->assign('HTTPWARNING', true);
 
         $dir = dir(PATH . 'tpl');
         while (false !== ($file = $dir->read())) {