Google to mark all HTTP pages as “not secure”

Google to mark all HTTP pages as “not secure”

How secure is your website? If you’re collecting sensitive customer information like passwords or credit card information, what are you doing to ensure and reassure customers it’s all safe?  If you haven’t already added a SSL certificate to your site, and haven’t yet made the switch to HTTPS, the secure version of HTTP, it might be time to step up.

Why?  Apart from the obvious reason of making your site more safe and secure, you’ll also avoid having your site marked as “Not secure” for every potential customer to see.

Google has announced that from Chrome version 68 (Released in July 2018), the browser will label any site that isn’t using HTTPS as “Not secure”. (Previously, Chrome had shown this warning only for sites handling sensitive information such as personal details and contact forms).

Here’s an unsecured website example warning:

not secure

So you don’t have to worry about Google blocking HTTP websites, but this is still a less than ideal situation.

Considering the amount of hard work and effort it takes to attract prospects to your site, the last thing you want to do is drive them away the second they enter because of an unsecured website warning.

And you can bet your rivals are busy securing their websites: Google says that over 68% of Chrome traffic on both Android and Windows is now secured, rising to 78% for Chrome traffic on Chrome OS and Mac.

In this post we’ll explain why HTTPS has become vital to any businesses’ credibility and safety online, as well as how to get started making the switch from HTTP to HTTPS.

But before we get any further, what exactly are HTTPS and SSL?

  • HTTPS (Hyper Text Transfer Protocol Secure) is a secure version of HTTP. It’s most often used for ecommerce sites to make secure transactions. If you’ve visited your bank’s website and noticed a padlock icon in the top right corner, then you can rest easy knowing that the site is secure.
  • SSL stands for Secure Sockets Layer. It’s a protocol that provides secure connections for transmitting files. In simpler words, SSL isn’t used to encrypt a file but the connection.

So, if you have a domain like:

  • https://www.example.com – you’ll know that it’s encrypted and secure since it uses HTTPS.
  • http://www.example.com – you’ll know it’s unencrypted and non-secure as it’s HTTP.

Do HTTPS sites get an SEO boost over HTTP sites?

Some years ago, Google announced HTTPS as a lightweight ranking signal. This means they started showing preference for HTTPS in the search engine results page (SERPs). In other words, sites using SSL certificates are considered more secure, so they’re more trusted, which means they also deserve to get a small boost in the rankings.

However, you shouldn’t expect switching to HTTPS to have a huge impact on your search engine rankings.

Who should make the switch to HTTPS?

Everyone.

If you own a simple business site, HTTPS can prevent intruders from being able to passively “listen in” on any communication between your site and your users.

Is SSL necessary for B2B websites?

The answer for most B2B websites, and most B2C websites is “yes, you will need an SSL”. If you:

  • Have a contact form
  • Accept payments (directly or via a third-party provider)
  • Collect any other kind of personal information via your website
  • Have a members/logged in area of your site

Then you need to protect that information, and an SSL allows you to do this.

Should I install SSL for a blog?

Again, for most blogs the answer is probably “yes, you will need an SSL”. Things such as contact forms and comment sections are prevalent on blogs and you need to ensure the any information transmitted via these methods is protected. To do so, your blog will need an SSL.

As you can see, there are lots of reasons of complying with the Google HTTPS requirement no matter what type of website you have.

On top of a small boost in search rankings, increased security and credibility online, you also get a pretty lock symbol that immediately tells visitors your site is safe and secure:

secure

How to get started.

Find out what type of SSL is suitable for your website. The SSL certificate you choose depends on the type of website you have. For example, if you’re a start-up business the Simple SSL would be the right solution for you. But if you have an online shop, we’d recommend the Standard SSL or Extended SSL as this helps ensure that all data is protected and secure against online threats; plus, it adds the green bar to your site with extra company details to help increase trust.

Check out our SSL Certificates page for more information on the different types of SSLs provided by Calla Internet, and which one’s best for you.

Buy your SSL. Once you’ve decided on the right SSL for your site, purchase it.  We can help walk you through the process if that helps – just drop us a line.

What next?

Next you will need to update your website to work with HTTPS URLs. This might involve some development work so if you don’t have the skills, it’s best to find someone with the expertise needed to help you.  We can recommend our sister company to help with this if required.

When making the move, make sure to protect your SEO as a big mistake can result in a drop in rankings, and you don’t want that.

What to expect when migrating to HTTPS.

If you’re migrating to HTTPS hoping for a significant boost in rankings, think again. Since HTTPS is a small ranking factor, you won’t notice much of a change in rankings. It’s not unlikely for it to become a more important ranking factor in the future, considering Google’s constant push for a more secure web.

What you can expect is increased security for your site. This includes communication and data exchange and collection between you and your visitors. And anyone visiting your site will know that your site is safe and secure. This means that switching to HTTPS also comes with increased trust and credibility for your brand, which are now critical to a businesses’ success online.

If done correctly, you should not see any fall in your website’s SEO rankings because of the switch. You can see John Mueller of Google confirm that here.

However, if you do experience falling rankings check out this guide from Moz to help you understand what could’ve gone wrong and how to fix it.

Wrapping up

Here’s the thing: it’s not just Google that wants a more secure web. We all do. So if the search engine giant is encouraging “all website owners to switch from HTTP to HTTPS to keep everyone safe on the web,” what’s stopping you from making the move?

HTTPS may be a small signal for now, but if Google believes it’s needed to enhance users’ experience, expect it to eventually play a bigger role in the search algorithm.

About the Author