If you accidentally clicked on a bad website or suspicious website on your iPhone, close the browser or app immediately where the link was opened.
Then clear out your browser history and website data to remove any traces that could be lingering.
It's also a good idea to run a security scan on your iPhone with any trusted antivirus app.
You should also restart your iPhone which helps to shut down any active threats and if you see any suspicious profiles on your iPhone go to settings, general and profiles and remove them.
Also remove any suspicious calendars by going to settings, calendar, accounts and subscribed calendars.
If your iPhone has malware from visiting the bad or suspicious website, you can reset the iPhone to it's factory settings which will wipe the device clean and reinstall the operating system.
If you visit an unsecure website on an iPhone any data that you enter on the unsecure website like passwords, credit card numbers etc won't be encrypted and could potentially be intercepted by hackers.
Although if you simply browse the unsecure website on your iPhone without entering any information it's not usually harmful.
Safari will also display an not secure warning on your iPhone to alert you to the risk of the unsecure website, especially if you attempt to enter data on the website page.
However some websites might be temporarily unsecure, such as during website maintenance or an SSL certificate may have expired and the website owner forgot to renew it.
In those cases, the website is still safe and won't harm your iPhone.
As long as the website is legit and there's no actual viruses on the website, visiting the unsecure website on your iPhone won't do any harm.
But any information you type into a form, like a username, password or credit card number or debit card number etc can be intercepted and read by a third party.
When a website is not secure and unencrypted, the connected between the iPhone and the website is not encrypted, which makes it easier for other people on the same network to sniff or see any data that you're receiving or sending.
If a legit website that you visit is unsecure and it was secured before, try contacting the website owner to let them know as they may have forgot to renew their SSL and need to secure the website again.
Avoid entering any personal information such as passwords, credit card numbers or details or debit card details, or other sensitive information on an unsecure website, even if you know the website is legit.