Google to Start Flagging HTTP Websites As Unsecure
For years, Google has been encouraging webmasters to migrate to secure sites, and, following the release of Chrome 56 in January this year, the tech giants finally declared that HTTP pages which transmit sensitive information will be deemed as non-secure in October of this year.
When users type personal data into websites, it shouldn’t be accessible to anyone else. Hence the reason why Google has made the move to flag HTTP web pages where users input personal information. This new measure is aimed at enhancing security and pre-warning users about risky sites before they disclose sensitive information of a financial and personal nature.
First off, let’s get a better understanding of what HTTP and HTTPS are:
HTTP (Hyper Text Transfer Protocol) and HTTPS (Hyper Text Transfer Protocol Secure) are both languages in which data is sent between your browser and the website you’re connected to. The difference between the two lies in the fact that HTTPS is a secure connection and HTTP is unsecure.
With a HTTP connection, unauthorised bodies can access the information passed between the web servers and clients. HTTPS on the other hand, has an added layer of security over the conversation in the form of a SSL (Secure Sockets Layer). This extra security encrypts data so that it can’t be accessed by foreign parties or corrupted in transmission.
So, what’s changing?
Up until now, HTTP pages have been flagged with an information symbol, whereby if you click you’ll see a subtle warning that the connection is unsecure and to avoid submitting any sensitive information that could be subject to risk from hackers.
In contrast, a lock symbol alongside the word ‘Secure’ indicates pages with HTTPS connections. By clicking through to find out more, users learn that the site is well protected and any information inputted will remain secure and private from unauthorised parties.
Google introduced these latest security measures having felt the current markings on HTTP pages didn’t reflect just how unsecure these connections were. At a time where online security has reached an all-time high, prioritising the protection of sensitive data has become essential.
Chrome 62 will show 'Not secure' warnings for HTTP pages with user input fields and all HTTP pages in incognito mode. (Image: Google)
How do I make my website secure?
To make the transition to HTTPS you must obtain an SSL Certificate from a Certificate Authority. This certificate not only signifies that your site is trustworthy and legitimate but also ensures your website users can interact without fear of data corruption. Once you receive your certificate, there’s several other steps to take to make the migration towards operating a safer site. They include:
- Approving the certificate
- Carrying out a complete backup of your website
- Changing internal links
- Updating any external links that you can
- Creating a 301 redirect
- If applicable, make sure to update URLs on social media and AdWords too.
While these changes can be done yourself, they can be tricky for those with limited technical knowledge. If your website is managed by your hosting provider, you can request for them to make the migration to HTTPS for you.
User data protection is vital in today’s online world. Not having a secure HTTPS website puts you at risk of losing the trust and business of your potential customers. These latest Google changes are just the beginning of the move towards enhanced protection and user security.
To prevent your site from being labelled as unsecure, ensure you’re using HTTPS. Simply speak to your hosting provider about upgrading. Alternatively, if you have sufficient experience you can do this yourself with Google’s guide on enabling HTTPS on your servers.
While heightened security is of course the greatest benefit of HTTPS, that’s not the only improvement. According to The Search Engine Journal, HTTP web pages load 334% slower than the secure HTTPS versions.
In addition, Google have stated that they will prioritise HTTPS protected sites in their search rankings.
So, what are you waiting for!