Earlier this year, Google announced plans to display HTTP websites with the words, “Not secure” to the left of the Chrome address bar. This move will give more internet users more reasons to stay away from your website.
In the past, information-based sites that handle little or no user data didn’t need to buy an SSL certificate. That has changed.
Google’s war on HTTP
Years ago, Google began incentivizing website owners to secure their sites. They believed that the move would generally improve online security while helping internet users to feel more safe and comfortable.
Don’t we all feel warm and fuzzy when we see the green padlock in our address bar?
As early as 2014, Google added SSL as a ranking factor in search.
So, from an SEO standpoint, website owners had a strong reason to move from HTTP to HTTPS.
This February, Google announced their move to shame website owners into securing their sites. Rather than missing the “Secure” notification, Chrome will start saying “Not secure,” when users visit an HTTP site.
The change occurs with Chrome version 68, rolling out this month.
Resistance is futile.
What’s the problem?
Simply put, your insecure, HTTP website looks more conspicuous than ever. Even if you don’t sell via your website, your visitors will see the troubling notification from Google telling them that your website is “Not secure.”
Guess what? For most people, “not secure” means “unsafe” or “risky.”
Ask yourself, “Who wants to take unnecessary risks online?” The answer is, “Nobody.” That’s why, increasingly, people will avoid visiting and interacting with your website, if you don’t have HTTPS.
How does HTTPS help?
For starters, when you have an HTTPS website, your visitors will see a green, positive, safety notification in their web browser. Green is better than red. “Secure” is better than “Not secure.” Got it?
SSL has other benefits too.
When an internet user visits and SSL-protected site (the URL begins with HTTPS), your website forms a secure, encrypted connection with that person’s web browser.
This means that hackers and snoops can’t see the information being sent between your site and the browser, dramatically improving security.
With a standard HTTP connection, bad actors can see all the data sent between your site and a web browser.
How to secure your website
To convert your website from insecure HTTP to secure HTTPS take the following steps.
Buy an SSL certificate. You can get one from your web hosting provider or from a third-party SSL vendor. Shop around to get the best price.
Follow the instructions from your web host to install and activate your certficate. Afterward, your website content should be available via HTTPS.
Redirect your traffic. Make sure that no one can load your pages as HTTP by configuring rules on your server to re-coute all insecure traffic to SSL.
Adjust your links. To avoid mixed content warnings, change all your internal links to HTTPS.
Update Google Search Console. After logging in, tell Search Console that your site is now accessed via SSL.
In summary, Google is pushing the entire internet to use HTTPS rather than HTTP. As a result, sites that do not have SSL encryption will be increasingly shamed and shunned. So, even if you don’t transfer sensitive data, you still need to install an SSL certificate.
Remember: Help is never far away. Bruce Tyson and his team can help you properly secure your website. We also provide professional disaster recovery services. Contact us to learn more.