Is your site throwing ‘Not Secure’ warnings? Get HTTPS now…
Major web browsers announce that sites with HTTP pages will be marked as ‘Not Secure’ from October
The world wide web can be a dangerous place. Web browsers and search engines – Google in particular – are constantly striving to make the web a safer place for everyone. In doing so, they sometimes change the operating parameters to which all website owners must adapt.
Major web browsers such as Firefox and Chrome have commenced a push to encourage all website owners to adopt the more secure HTTPS protocol as opposed to HTTP, which has been the standard for many years now.
HTTPS pages encrypt all communications between a users web browser and the web page they are visiting and are therefore considered critical in ensuring the privacy, authenticity and integrity of communications on the web.
In January 2017, major web browsers began their quest to improve how the browser communicates the connection security of HTTP pages. The non-secure labelling will occur on pages delivered over HTTP that include forms, and specifically pages that include password fields. Additionally, in Chrome credit card fields will put warnings in the address bar to explicitly indicate that the connection is not secure. Beginning in October 2017, Chrome will show the “Not secure” warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in incognito or privacy mode.
The non-secure label appears similar to this:
A member of Google’s Chrome security team, Emily Schechter confirms that “Passwords and credit cards are not the only types of data that should be private,” in a blog announcing the changes that will start appearing in October. “Any type of data that users type into websites should not be accessible to others on the network, so starting in version 62 Chrome will show the ‘Not secure’ warning when users type data into HTTP sites”. Google’s plan is to eventually mark all HTTP pages as insecure.
Furthermore, Google has indicated that websites that do not use the HTTPS protocol will be ranked lower in search results as the search engine seeks to further protect its users.
What does this mean for website owners?
Website owners are being encouraged in no uncertain terms to adopt HTTPS protocol immediately. Should your site continue with HTTP, visitors to your site will receive clear warnings about your site being not private and potentially unsafe. This will likely make potential customers nervous about utilising your website to make contact with you and/or engage your services. Furthermore, your search engine optimisation (SEO) will take a hit with your Google ranking falling behind other sites that have adopted the HTTPS protocols.
What do you need to do?
Adopting HTTPS protocol can be managed via your host. They will provide clear instructions on how to upgrade your website to use the HTTPS protocols. Webhance is here to help! We can manage this process on your behalf. For all clients utilising Webhance managed hosting services we are able to upgrade your site for the one-off fee of $150 per site. Contact Julie now to arrange this service for your website.