I just posted our web site www.sipgrinder.com that I created with Xway and it looks great. I am not sure what I did wrong but it is still coming up as not secure, http.
This is something you should ask your web host about.
It’s secure if I add https:// before your domain (so there is an SSL certificate). Your web host should be able to ensure that this is the default setting.
As @Jeremy pointed out, HTTPS is working properly for your website, it’s just not forced. It looks like your hosting provider is using cPanel so you may have been given login details to the cPanel interface.
If you were, you might be able to force HTTPS as described here:
If that doesn’t help though, it will be a question for your hosting provider.