this-side-up-media-ssl-google-chrome-01

Google Exposing non-https sites

Google’s popular web browser, Chrome’s is powering 59% of all web searches, and when the internet giant says that security is a top priority, they act upon it.

Little of you may have noticed the “i inside a circle” in the address bar, introduced to the material design UI of Chrome, back in August 2016. And if you did, you would have been alarmed by the message once you click on it, claiming that your connection to this site is not secure. Replacing the blank page icon with the “i in the circle” was just the first step of Google’s drive to expose non-https websites in hope that more website owners will install SSL certificates.

The next step up Google’s sleeve, which they will introduce with Chrome version 56 later this month, is to make the notice more prominent. If your visitors did not notice the first step, this one they will and it will surely raise concerns. And Google is not going top stop there; they already revealed the final step where they will highlight the “Not Secure” message along with a red icon.

The Impact

If you are making use of a good hosting company, your website is up to date, both you and your developer follow best practices when it comes to website and server security, then your website will be just as safe as it was prior to thee message that Google added. The problem however is, you visitors don’t know that, and they are likely to be confused and interpret the message to indicate that your website is compromised.

What to do

You may ignore this all, but we strongly recommend that your speak to your developer and get an SSL certificate installed. Until recently, you would have paid up to $200 for a decent SSL certificates. Luckily there are now open source version, free of charge, available, and the level of security – just as good! The implementation may not be that straight forward, and very much depends on your server environment and website. One big thing is your valued SEO ranking which you certanly do not wnat to loose due to bad implementation of an SLL certificate.