Google is Requiring Websites to Switch to HTTPS or Show Up as Non-Secure


June 18, 2018

If your website collects sensitive visitor information such as passwords, credit card information, or other personal data – be warned.

Earlier this year, Google made changes that started to mark websites without HTTPS as non-secure on Google Chrome, Google’s own web browser that has 59.38% of the browser market share. That’s way above the second highest used browser, Safari, with only 14.88% market share.

If you haven’t already made the switch to HTTPS and purchased an SSL certificate to protect visitors and your site, now is the time. That's because Google has finally put a deadline on this - July 2018. 

What Exactly Is HTTPS?

“HTTP (HyperText Transfer Protocol) and HTTPS (HyperText Transfer Protocol Secure) are both protocols, or languages, for passing information between web servers and clients,” according to Search Engine Journal.

What is important to take away from it is that HTTPS is a secure connection, whereas HTTP is unsecure. With a standard HTTP connection, it is possible for unauthorized parties to observe the conversation between your computing device and the site.

An HTTPS connection adds a blanket of security over that conversation using an SSL/TSL protocol (Secure Sockets Layer and Transport Layer Security) that prevents cyber eavesdropping, protects against data corruption, and authenticates communication.

To ensure the safety of Google Chrome users, Google has begun to penalize HTTP connections by alerting users of what it is… insecure.

Here is what a non-secure vs. secure web form looks like (notice the URL bar):

How to Secure Your Website

To enable HTTPS on your website, you must first acquire an SSL certificate from a Certificate Authority (CA). This acts as a stamp of approval from a trusted party because it ensures your website is legitimate and secure.

Once you have your certificate, it needs to be installed and your website will need to be updated. That includes doing a full backup of your site, changing all your internal links, checking code libraries, updating all external links that you can, and creating 301 redirects.

It’s also important to update your URLs on Google (Search Console, Analytics, Adwords), anywhere else you are running paid aids, on all your social profiles, and across all your top citations.

This process can be very involved depending on the size of your website and web presence, but the alternative is leaving your visitors unprotected and jeopardizing their trust in your business.

Google Chrome flagging HTTP sites as unsecure is just step one of changes soon to come that better protect the privacy and security of sensitive information. There’s no reason to delay HTTPS any longer.

FAQs About Switching to HTTPS

Here are a few FAQs on what it takes to secure your website...

1. Does it affect me?

If you have a website, yes.

2. What does SSL do?

In short, it encrypts the pages on your website.

3. Why would I want that?

To protect your visitors and to reassure them that the information coming from your website is really your company sending the information. Last but not least, to pacify Google so they don’t tell 59% of the world that your website is not secure.

4. What do I need to do?

1. Get a secure certificate installed on your domain.

2. Change all the pages, links, images, etc. to be served from the secure domain.

5. Why are there two parts to this?

Part 1 is the getting a certificate and installation.

Part 2 is fixing your existing website.

6. How much is Part 1?

If you just need the certificate installed, a 1-year certificate is $50. 

Plus $135 for installation. (Depending on your hosting provider, there may be a small additional installation fee from them.)

7. How much is Part 2 (the fixing of an existing website)?

If you have an existing website you’ll also need to get your website working off your new secure domain. (You should only have to do the second part one time). As for how much that costs - it's tough to say. It really depends on how big your website is and how many images and links you have. If you'd like us to give you an estimate, please fill out the contact form at the bottom of this page. Be sure to include your website address.

8. What do you do in Part 2?

We make it so the website pages are secure. In doing so, we will update images, apps and widgets, social share icons and internal page links to make sure all are served securely. Finally, we will do 301 redirects on all the pages to make sure the old insecure pages redirect to the new secure version of the page.

9. Do we need 301 redirects?

If you have an existing website, yes. To the search engines, moving to a secure domain can look like your old website is disappearing and a brand new website is emerging. You want to let the search engines know the page has just moved and is not gone away completely, so you don’t lose your ranking. Google actually said that going secure will help your ranking.

10. If I have more than one website domain, do I have to do them all?

No. You just need to do your primary website domain.


If you'd like to move forward with purchasing and installing an SSL certificate, call the SMT office at 407-682-2222 or fill out the contact form below with your website address and we'll get you a quote!

Did you like this post?

Sign up for our Tips and Trends list and we'll let you know each week when we have a new one.

Categories

Web Design (27)
Web Development (36)
Misc. Website (21)
Search Engine Optimization (97)
Social Media Marketing (111)
Local Search Marketing (24)
Content Marketing (38)
PPC Advertising (34)
Digital Marketing (128)
Marketing Automation (26)
Sales Automation (21)
Company News (10)
Other (28)

Archives

Feeds