Good ol' Google has now set a deadline for website owners to upgrade their websites to be HTTPS. This means your website pages are being requested by Google to be served as HTTPS, rather than just HTTP (that's ALL types of websites). So be warned....

HTTPS and GoogleSince 2016, Google - the search engine - has moved toward showing more secure websites by strongly advocating that sites adopt HTTPS encryption. And within the last year, they’ve tried to help users understand that HTTP sites are not secure (for entering credit card or passwords) by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome (Googles own browser) will mark all HTTP sites as “not secure”. This is rather drastic.

In 2016, websites displayed via Googles Chrome web browser which contain either a password or credit card form were marked as 'not secure' unless equipped with an SSL (Secure Socket Layer) Certificate.Now it's becoming the norm that ALL websites are served as HTTPS. SSL is used to encrypt all data to and from a website to the users browser including sensitive personal data (i.e. card details/personal information) when sent by a form to a web server).

Google has set this deadline of July 2018 and warns ALL website owners to upgrade before this date otherwise they will add a notice in the address bar stating the site is insecure.

What is HTTPS and SSL?

HTTPS stands for Hypertext Transfer Protocol Secure or “HTTP Secure,” and is an application-specific implementation that is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS. HTTPS is used to provide encrypted communication with and secure identification of a Web server.

What is SSL and TLS?

SSL stands for Secure Sockets Layer and was the most widely deployed cryptographic protocol to provide security over internet communications before it was preceded by TLS (Transport Layer Security) in 1999. Despite the depreciation of the SSL protocol and the adoption of TLS in its place, most people still refer to this type of technology as SSL.

HTTPS and Google Chrome

Web developers have been transitioning websites to HTTPS over the years and making the web safer for everyone. Progress in 2017, according to Google and its browser, Chrome, was incredible and it’s continued since then:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default

Chrome’s new interface will help users understand that all HTTP sites are not secure and continue to move the web towards a secure HTTPS web by default. HTTPS unlocks potential better performance improvements than HTTP in Chrome (note - this does not include other browsers).

How do I make my website more secure?

Google will warn users that non-HTTPS sites are insecure, so in the first instance, contact your website developer (like us) who will be able to upgrade your website to HTTPS by installing SSL on the hosting server for your website domain within 48 hours. Our SSL certificates are high quality certificates and encryption furthermore they are set per domain (rather than the 'buy one for the server and share it with 1000's of other websites'-type - which are not the most secure!). If you're unsure who your website developer is or what to do or you built the website yourself and need help making it more secure, contact our web developers who can help.

Google will warn users to stay away from non-HTTPS sitesJuly 2018 HTTPS and Chrome deadline

Don't ignore this deadline of July 2018 because it could seriously affect your website click through rate (on Chrome). If your website is not HTTPS fewer users may click it due to the unfriendly warning with which Google will label your site. July 2018 is the date when Chrome will begin explicitly warning users if a site is insecure. More than 50 percent of Internet browsers worldwide are Chrome (you may be using Chrome while reading this), so you need to be aware that even if you don't use Chrome, your users will!

This prominent warning that Google will put on your website url may affect how secure users will feel upon seeing your website and may cause visitors to ignore your site or leave it immediately, which will negatively impact your websites bounce rate, advertising impressions, affiliate clicks, and e-commerce sales. So it's not worth ignoring - contact aprompt website designers in Wiltshire today to install HTTPS on your website

eCommerce websites and SSL

If you have an eCommerce website you really should have an SSL installed - if you haven't already requested the installation of SSL on your website please contact our website designers in Wiltshire straight away and we can help you get your website secure.

Written by Kirsty Paget