Have you spotted the Google Chrome Insecure Warning on your website? Unless you have a SSL Certificate and serve your web pages in HTTPS / Secure Mode, Google will tell your site visitors, that your site is Insecure. That’s bad news …
Google has told us for a long time, it prefers secure websites in it’s search rankings and planned to make it mandatory. Google has now made this official. Websites accessed via the popular Chrome Browser will now display the ‘Insecure’ icon on all sites without SSL.
If you don’t know how to deal with this, read on. If you need help, ask your web developers or get in touch with us so we can explain.
Would you shop on a website that says it is insecure?
If a website is asking me to fill in a form, make a payment or login, it would be a risk to do so on any website which fails to provide security via HTTPS pages. The chances of my data being intercepted are slim BUT it’s possible, and now, Google Chrome highlights this issue by making sites display as Insecure to make users aware of the risk.
What is the difference between HTTP and HTTPS?
The idea of HTTPS is to encrypt the connection between the browser and the server using an SSL Certificate. Any data inputted to the screen (form filling, checkout data etc) is encrypted to avoid hackers being able to see that data. HTTP is a plain text protocol which makes it easier for a hacker to intercept and read data.
HTTP standards for Hyper Text Transfer Protocol and is Non-Secure
HTTPS stands for Hyper Text Transfer Protocol Secure and is Secure
Why should i make this change to HTTPS?
For some time now, it’s been widely recognised that serving webpages via HTTPS gives a slight SEO boost. This is something WEBS4SEO do as standard for all their SEO customers.
All website owners should move to HTTPS to build trust.
Like i said above, would you really shop on a website which told you in the browser, that it is insecure? It will not inspire confidence and that is detrimental to the success of your site.
Google Chrome Insecure Warning
Look at the following screen shots from Insecure and Secure websites.
Insecure Mode: Website running in HTTP with NO SSL
Secure Mode: Website running in HTTPS with SSL Certificate
Purchasing SSL Certificates
It isn’t expensive and it’s easy to do. The cost depends on the level of certificate, but for most non E-Commerce websites, basic SSL Certificates are ample. You can click here for costs on our hosting site, if you need one.
Activating HTTPS Secure Web Pages
The process of doing this will depend on the type of website you operate.
- Adjust the settings of the site to be https:// for both entries in General / Settings
- Install Velvet URL plugin and change URL’s from http:// to https:// (replace using the actual full domain name e.g https://www.webs.limited/ replacing https://www.webs.limited)
- If you are using a CDN, flush the cache and check the site
You can do this manually in the config file, or login to the administrator area and:
- Click on System / Global Configuration / Server
- Tick the box ‘Force HTTPS’ on Entire Site
- Check website is working properly for you
Search on Google, ask your developer or the provider of your website platform how to enable HTTPS for your website. If you get stuck, get in touch, as we can surely help you sort this.
Securing the Internet
In 2011, Google introduced HTTPS by default on its popular Gmail service.
Yahoo moved all its users’ data to secure servers in March 2014, and Facebook committed to secure browsing by default since July 2013.
The move of larger tech companies to encourage encryption, comes after leaks from Edward Snowden. He alleged that the National Security Agency (NSA) and GCHQ used various technologies to spy on citizens, which prompted a global debate on cyber-security and privacy.
If you need help configuring SSL for your website, ordering SSL certificates or general advise with SEO for your site, call us on 0800 756 9975 for professional and friendly advise.