Time for SSL and HTTPS as Google Cracks Down

I guess we all knew that time was coming, but no one knew when, and that time has come. So SSL and HTTPS should be on your agenda right now. How and why will this affect you? Well, as you may know, SSL and HTTPS are all about online security, and it is in everyone’s […]

Written By Luke B

On 08/02/2017
"

Read more

"

Read more

I guess we all knew that time was coming, but no one knew when, and that time has come. So SSL and HTTPS should be on your agenda right now.

How and why will this affect you?

Well, as you may know, SSL and HTTPS are all about online security, and it is in everyone’s interest to be secure online right?!

Google are in a unique position in that they dominate not only the search market but also have a pretty firm hold on the Internet browser market with Chrome on desktop and mobile.

For a long time, SEO experts have been trying to determine the actual difference between having and SSL certificate versus not for SEO. At the moment, the REAL world difference in search rankings seems to be negligible.

However, there is more to search ranking than just the Google algorithm and how SSL would come into it. You also have to consider the bounce rate of your page and user trust.

If a customer is not sure about purchasing from you, then you aren’t going to get the conversions or leads from your site. And this is when the new google chrome update comes in.

The Google Chrome – Not Secure Issue

As of January 31st Google Chrome version 56 was released, and with it came a small but significant change to the way it handles sites that aren’t using HTTPS. It now says that any form that has either password or credit card entry is “Not Secure” when it is on a page that doesn’t have an SSL certificate and being accessed over HTTPS. As mentioned in the Wordfence blog, this is enough to “confuse your site visitors or surprise you if you are not expecting it.” and that is it.

Google Chrome - Not Secure comparison

 

If you saw a form that said “Not Secure” on it, you might leave the site, and you may even not go back

why is the site not secure?

Maybe it’s not a real site?

With customers and online security, any doubt is potentially bad.

And this is how Google will slowly push people into the HTTPS era without doing it through search rankings, which might seem unfair.

This change will be the first part of a staged rollout over the next few months and years designed to encourage websites to get rid of plain old HTTP.

In an upcoming Google Chrome release, Chrome will label all non-HTTPS pages in incognito mode as “Not secure” because if you are using incognito, you have an increased expectation of privacy, and plain old HTTP just isn’t that private anymore.

This is all heading towards the eventual demise of HTTP, in favour of HTTPS. The final step being that Chrome will label all plain HTTP pages as “Not secure”.

 

Google Chrome - Not Secure future version

 

What’s the Solution?

Well luckily there is a solution, and it is much easier and less costly to implement than it was. SSL certificates used to cost hundreds of dollars per month, and now you can get them for under £50 per year, $5 per month and in some places, you can even get SSL certificates for free.The world has changed, we need more security as we spend more online, so it makes sense to push people into the HTTPS future kicking and screaming.

The world has changed, we need more security as we spend more online, so it makes sense to push people into the HTTPS future kicking and screaming. And though I think it will unfairly affect people that don’t need any advanced online security such as SSL certificates and HTTPS, such as basic website, or blog owners that don’t sell online or even let people log in to their site. It may be a necessary downside to the upside of a more secure internet in general.

As is usually the case as things become more commonplace, we can expect the price of SSL certificates to gradually decline as they have been and wider adoption of free SSL. Eventually hosting providers such as 123 Reg, GoDaddy, and 1&1 will provide them as standard with little or no input from the end user.

The future is HTTPS, and it’s more secure for everyone 🙂

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *