As of July 1st 2018, Google’s Chrome browser has been marking websites served over plain HTTP ‘Not Secure’ as part of an initiative to move towards a more secure web. This switch coincided with the release of Chrome 68 and a warning is now displayed in the Omnibox similar to the image above.
“Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default.”
– Emily Schechter, Chrome Security Product Manager
Google has been pushing website owners to make the switch to HTTPS for sometime now, including offering a Ranking’s Boost for those sites that comply.
What does this mean for my Website?
Besides the obvious bonus of a ranking’s boost for your website in Google searches, there are many other benefits to upgrading your website to HTTPS.
HTTPS is secure. This means that any data you send back and forth over the connection is encrypted. Without the encryption key, the information is essentially gibberish. HTTPS also offers a performance boost and runs much faster than sites over a regular HTTP connection. Not only that, but serving your site over HTTPS will block ISPs from injecting ads onto your website. Finally, you will need to have encryption in order to run your site on HTTP/2, which will be the future of the web.
Speaking of HTTP, it’s old news! Like Geocities or a website built with frames… it’s time to upgrade. The biggest reason is HTTP is not secure. This means that any data transferred over the connection can be hijacked or seen by some undesirable people. It is a common misconception that HTTPS is only needed when you are collecting sensitive information such as processing payments on an eCommerce Website, this is untrue. Simply by logging into your WordPress website over HTTP your information can be stolen. This allows hackers to wreak all kinds of havoc and is part of the reason why websites that aren’t paying close attention to security are more likely to be hacked / injected with malware.
What do I need to do?
You need to install an SSL Certificate and convert your website to HTTPS. HTTPS has become much easier and most importantly, cheaper with services like Let’s Encrypt, leaving little to no excuse for not jumping on the band wagon.
In addition to installing your certificate and serving your website over HTTPS, you will need to fix Mixed Content issues and make sure you have a plan in place for preserving any SEO and Google search rankings. This is where a developer comes in very handy.
In short, anyone that runs a website, whether it be eCommerce or a small personal blog should be upgrading to HTTPS if they haven’t already.
If you are considering the switch and you need help with your HTTP to HTTPS conversion, I’ve got you covered! Just contact me to get started. As a bonus, I’m offering a 20% discount on HTTPS conversions to all current and new subscribers to any of my WordPress Maintenance Plans.