HTTPS security certificates for websites is a ‘thing’ that has been about now for quite some time. However, as of 25th July 2018 Chrome version 68 will now display the following warning in the browser address bar to ALL visitors if your site is using HTTP.
If you are running a small business you have to act NOW!
If you don’t know what HTTPS is then you may want to start by reading our guide about avoiding the Chrome “Not Secure” warning.
TL/DR? (That’s ‘Too Long, Didn’t Read’)
Simply put, HTTPS is making the web a safer place, the connection between your website and the visitors browser is encrypted. This means any information, like names, email address, bank details, debit card numbers etc. cannot be intercepted between the website and the browser of the visitor. Therefore HTTPS = better website experience for your visitors and the big G is ALL about user experience.
So back in 2014 Google started to use HTTPS as a ranking factor in their search algorithm. It was a “lightweight” ranking factor, but a factor nonetheless. It’s odd that Google went so public on a specific ranking factor but this shows how seriously they wanted webmasters to take making their website HTTPS compliant. We wrote a blog about HTTPS Everywhere and Google and this gives further insight from experienced Google Engineers as to why HTTPS needs to be adopted by ALL websites.
Chrome Starts to Warn Visitors about HTTP
FFW a couple of years and the momentum started to build;
- September 2016 – Chrome started to warn users when they visited non-secure HTTP websites, the idea was to encourage more sites to make the transition to HTTPS.
- January 2017 – Chrome started to warn users when a web page was not secure in the browser address bar. Not surprisingly as Chrome is a Google product, the browser started to notify website visitors that pages are “insecure” if only using HTTP.
- October 2017 – Chrome started to show the ‘Not secure’ warning when users entered data into a form on an HTTP page, and on all HTTP pages visited in Incognito mode.
All of this was a big push by major internet companies to self-police and make the web a much, much more secure place. As HTTPS became more important and used widely across the web Google upped the weighting for HTTPS in the search results. Now if you look on the front page of Google search results you will find that the majority are HTTPS and quite often Google shows results from websites using HTTPS exclusively.
However small businesses seem to have been very slow to catch on to this huge shift in web security that has happened.
Google Ups the Ante
Well, the game has changed again and now from July 24, 2018 with Google Chrome release 68, any visitor using Chrome browser visiting a HTTP only website will start seeing a “Not Secure” message on all pages not using HTTPS.
That means if your website is not hosted using SSL/TLS certificates your visitors will see “Not Secure” if they visit your web page. Given that almost 65% of internet traffic uses the Chrome web browser it is safe to assume that over 50% of your visitors could be seeing “Not Secure” when visiting your website.
If you are not using HTTPS in 2018 then you are not only missing out on the benefits this brings your website but it also signals to your visitors that you are not taking their security online seriously. It’s no longer acceptable to just ignore HTTPS, it will impact on the “trust signals” that your website sends to your visitors. If you had a sign on your shop door that said “Not Secure” would that be a good idea? How would your customers feel if they saw this sign?
We would suggest that you contact your hosts today and ask them to add a HTTPS certificate to your website, it’s the ONE thing you can do that will give you 5 important improvements to help your website online:
- Increase trust in your business
- Improve that important first impression
- Help improve the Internet
- Give you a little boost on Google
- Increase security for your visitors
If you have a website and currently don’t have HTTPS and display the green padlock in your visitors browser then the message is clear from Google; they are going to tell everyone who visits about the possible security risks they are taking when visiting your website.
You have been warned.
So What Do I Do?
As we stated in our previous blog post on this topic, these warnings will become increasingly severe and we foresee the time when you will see the “Your Connection is Not Private” page being shown before users can even get to your website.
Google is taking Internet security and user privacy very seriously and is going to penalise website owners without HTTP in increasingly severe ways. I can see a day when website’s without a valid SSL/TLS security certificate just not being indexed at all by Google. You read it here first people!
The message is crystal clear, take your visitor’s security seriously or your business will suffer, the choice is yours.
We understand that adding an SSL/TLS Certificate to your website may be above your technical know-how, which is why we offer it for free with all our hosting packages.
If this issue affects you and you wish to discuss it with experts call us on 01420 398080