Browsers Show non-HTTPS Sites As Insecure
Articles,  Blog

Browsers Show non-HTTPS Sites As Insecure


This is John Locke, and today we’re
talking about Google Chrome marking non-HTTPS sites as insecure, and what
that means for your site. Welcome back, this is John from Lockedown Design and
SEO. Starting in July of 2018, Google Chrome is going to be marking any non-HTTPS sites as insecure. What does that mean?
So normally, websites by default, they run on HTTP, which is a protocol that basically puts stuff up on the web, but it’s insecure. SSL certificates, which
make that little green lock in your browser bar, that tell you that a site is
secure, that is HTTPS. So for the past three years,
Google has been telling webmasters, site owners, and people of
that nature, that they want people to be turning toward HTTPS. In the past, SSL
certificates would cost anywhere from fifty to three hundred dollars a year,
depending on the level of encryption that you wanted for your site. So in the
past few years, a service called Let’s Encrypt, which is completely free, has
made the barrier of entry to getting a basic SSL certificate very low. We
build a lot of our sites on the WordPress platform. The vast majority of
managed WordPress hosting out there including Kinsta, WP Engine, Flywheel,
they all partner with Let’s Encrypt to offer free SSL certificates as part of
their service. migrating to HTTPS can be a little tricky, but it’s not as tricky
as it used to be in the past. Remember that Google does look at a HTTPS website as a
totally different website [than the HTTP version of the site]. Most of the managed WordPress hosts out
there have site wide redirects, to where if there are links out there that have
HTTP URLs, it’s going to automatically redirect people who click those links to your
HTTPS site. So why this is important, and why this is happening. there’s a lot of
focus on security and privacy in the last few years. That was starting
even years ago. Basically the point is, if you have any type of contact form on
your site, where it’s collecting people’s name, email, address, or phone number, that
SSL certificate, that encryption, that HTTPS is going to mean that
information is transmitted through the internet securely. That’s part of the
reason for it. And the other part of it is, it’s just the right thing to do for
your visitors, to make sure that if they’re filling out any sort of form on
your site, that information is encrypted, and that information gets to the destination
securely. So if you have a website right now, and it’s July of 2018 or later, and
you’re seeing that warning in Chrome, if people are going to your site in the
Chrome browser, and they’re seeing a warning that “this site is insecure”,
that’s why it is happening. Your site, most likely, is either still on HTTP, or your SSL
certificate is misconfigured in some way. There are a lot of ways to solve this
problem. You can either purchase the SSL certificate. Most hosting companies
have arrangements with SSL companies, so they could facilitate that on their own,
and configure and install the SSL for you.
There are also third-party places out there that offer SSL certificates. You
want to get a decent amount of encryption. The other thing you can do is,
if you have a WordPress site, if you’re on one of these hosts like WP Engine or
Kinsta or Flywheel, they can set you up with the SSL certificate through Let’s
Encrypt, which basically rolls over every 90 days and auto-renews. You basically
set it up once it auto-renews through your host. It’s just a way of making the
web a little bit more secure. I think it’s a great program. If you feel like
you need extra levels of encryption, there are SSL certificates that you can
go out there and purchase. But again, if you’re seeing this in Chrome, you need to
get an SSL certificate. So what you can do, get with a web developer, you don’t
want your customers coming to your site through the Chrome browser and seeing
this warning that your site is insecure. Other browsers might do that in the
future as well. It seems to be the way that the web is going, just evolving and
getting better so this is just one of those things that you have to keep up
with. On most decent web hosting, this should be relatively painless for you to set
up. If you have any questions about it, you can definitely get with your web
developer, or your web agency, and have them help you out with it. So if you have
an SEO question that you’d like to see answered, go ahead and put it in the
comments below we’ll go ahead and get it in a video for you. This is John Locke. My
business is Lockedown Design and SEO, and we help manufacturers and industrial
companies, getting more traffic from Google, getting in them more requests for
quotes. Don’t forget to subscribe. Peace.

2 Comments

  • John Locke

    If you look at most search results, the majority of results on page one are HTTPS, not HTTP. Have a SEO question? Leave it in the comments below, and we'll answer it in a future video. Peace.

  • gemcan54

    Should I send a message to sites that show this Not Secure and tell them they need a SSL certificate? I go to sites that say secure on the address bar but when I click on something on their page, the secure lock is no longer there. i.e. CBN Even Fox News on my computer shows not secure. That seems really odd. My MacPro has not had a backup in a long time, could that be the reason as well that my old system isn't up to date with others on the WWW?

Leave a Reply

Your email address will not be published. Required fields are marked *