Google Chrome and SSL

Chrome making SSL a must have

With the release of Google Chrome 68 comes a change the treatment of HTTP. When a person visits a website now they will be presented with a visual indicator in the address bar saying 'not secure'. This rollout began in July 2018 but next release of Chrome in October will have even further updates to this.

While this currently only affects Chrome users, and only those who have the recent version its safe to say it is going to become the standard and a headache for people not using HTTPS on their website.

As an example here is how Chrome previously displayed this and the recent update in July displayed below it.

Google Chrome and SSL

In future releases of Chrome, the indicators are going to be even stronger. Chrome intends that when a user on your website starts to input data (for example in a form) that the warning will switch from the black font to a bright red showing it to be urgent.

So why is Google making HTTPS mandatory?

Security of the web is changing, and to be honest its long overdue. We recently in Europe had the changes around GDPR and it highlighted risks associated with peoples data online. When a user visits a website that is HTTP all data and communication in the browser with that website is done so with plaintext which is unsecured and can be intercepted and stolen. HTTPS was more a concern for those taking online payments or operating e-commerce websites. You would most likely be familiar with making payments online and seeing the padlock on any of the main shopping websites. However, Google now wants to make a push for better connection security across the entire internet.

Should I change to HTTPS?

Well, the choice to not encrypt your website means it will be labelled by Google as 'Not Secure', and Chrome is the most used browser at a 66% market share. So from the point of view that most people use Chrome and tend to trust Google and their browser telling them something isn't secure, then changing over from HTTP to HTTPS has become a must do. Also while Google has said before that moving from HTTP to HTTPS will only have a very small and subtle effect on your SEO ranking, it is believed that it will be a ranking factor and that websites which are HTTPS will be ranked ahead of those which aren't.

So what I need to do?

At this stage, you need to contact your hosting provider and look at getting an SSL certificate installed on your website. An SSL certificate is an annual cost so it needs to be renewed each year. Once installed on your website there is also some updating needed to make sure everything starts displaying as HTTPS which you will need to speak to your website company about.

For any of our clients drop us an email and we will go through the costs involved in setting up the SSL certificate thought Blacknight our recommended hosting provider and the one-time fee to implement the changes across the website.