This is a very important post for any business, organization or individual with a website. Starting now (October 2017), most sites will display a “Not Secure” warning in Google Chrome browser (and eventually others) if they have not upgraded from “http” to “https”. In particular, the warning will appear if information is collected in any of the following ways:
- Search fields
- Contact forms, opt-in forms that capture information for mailing lists, forms to enter a giveway
- Online payments, donations, shopping carts
- Comment boxes: Name, website, email address, and comment
- Any other ways a visitor may type something on your website and that information is transmitted to your server or any other server that collects the information.
Benefits of Upgrading to HTTPS
As Orpical Group (a Philadelphia marketing agency) notes on their website:
Trust – HTTPS notifies users that all data provided from the website they are visiting is trustworthy and has not been altered. Users are starting to get messages from browsers when they visit a web page that is Not-Secure. Sites with HTTPS display a “Secure” message, helping build trust.
Confidentiality – HTTPS confirms that all the activity complete on the website will be encrypted. This also means that the website and activity cannot be visible to someone who is trying to sniff through network traffic.
Protection – HTTPS protects sensitive information. Website users want to be confident that their sensitive information, such as credit card or personal information, stay secure and do not fall into the wrong hands.
Search – Security is a top priority for Google. They invest a lot in making sure that their services use industry-leading security, like strong HTTPS encryption by default. Now, more than ever, they are putting emphasis on HTTPS in the search ranking algorithms.
More reasons to upgrade:
- Google ranks secure sites higher (penalizes non-secure sites)
- https sites load faster
- Eventually, Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields.
Webmaster Ray Can Help
More background information is below, but bottom line is that Attraction LLC offers low prices:
From $50 for one-time installation/configuration plus $50/year for the annual renewal of the SSL Certificate. Prices will vary slightly depending on your hosting account. For example, this compares favorably to GoDaddy’s $70/yr renewal rate.
A temporary option for some would be to remove any contact forms on your site and replace with a simple email link. Contact me asap to discuss best options for your site!
FORBES ARTICLE 8/22/17:
Chrome Will Soon Warn You About Unsecure Websites. Should You Be Concerned?
“Google is trying to do something about this by pressuring companies to provide more security for the people who visit their websites…
…Google is pushing back against webpages with URLs that begin with “http” – no “s” – because they don’t encrypt communication between the user and the website. Communication may not be secure and the user’s interactions with the website can be hacked…
…Beginning in October, Google’s Chrome browser will display the message “Not Secure” in the address bar when users interact with an unencrypted webpage.”
“Chrome dominates the global browser market to such a great degree that more than half of the world’s internet users will see the warnings when they interact with unencrypted websites.”
Search Engine Journal article:
Google Is Requiring HTTPS for Secure Data in Chrome
Does your site collect sensitive visitor information such as passwords, credit card information, or personal data? If so, be warned: by the end of January 2017, Google Chrome will begin marking sites without HTTPS as non-secure. … If you have not done so already, protect your visitors and your site with an SSL certificate and migrate to HTTPS (HyperText Transfer Protocol Secure).
All you need to know is that HTTPS is a secure connection, whereas HTTP is unsecure. With a standard HTTP connection, it is possible for unauthorized parties to observe the conversation between your computing device and the site…
Chrome Warning Added:
– In past http shows “i” and when clicked says “This site is not secure”.
– https shows “Secure” in green, along with green padlock.
– Starting 10/17, http will show “Not secure”.
Process to Install SSL:
- Purchase SSL Certificate from a Certificate Authority
- Generate CSR, CRT, and KEY files and install in host control panel
- Backup site content
- Change all internal links (http to https)
- Check code libraries / test
- Update all external links that you can (from directories & other sites)
- Create a 301 redirect
Webmaster Ray Can Help
More background information is below, but bottom line is that Attraction LLC offers low prices:
From $50 for one-time installation/configuration and from $45/year for the annual renewal of the SSL Certificate. Prices will vary slightly depending on your hosting account. For example, this compares favorably to GoDaddy’s $70/yr renewal rate. Contact me asap to discuss best options for your site!