How Google’s “Not Secure” Warning Affects Your Site

Every year, Microsoft, Google and all the big names tech make advancements in securing the internet and protecting people’s privacy. They are continually rolling out new features aimed at improving browser security. One of the biggest updates we’ve seen is included in the newest release of Google’s web browser Chrome. Google is now marking all website connections “not secure” if the site doesn’t operate on a HTTPS connection. 

WHAT EXACTLY IS HTTPS?

HTTP, or Hypertext Transfer Protocol, is what connects your web browser to a web page via a web host server. The secure version of HTTP is HTTPS. Literally the S stands for secure, which is means the connection adds encryption between your browser and the host server/website. In a nutshell, encryption basically scrambles the information being exchanged between your browser and the website. Encryption makes the data being transferred nonsensical to anyone else who may try to intercept it. By adding encryption, you get:

  • An extra level of privacy
  • An extra level of security
  • A way to ensure the sites you visit are legit

This is particularly important when entering any type of personal data, like credit card info, but is overall good for the health of internet security….

WHAT’S CHANGED?

For several years, Google has been leading the pack in pushing all websites to use HTTPS. It has already been giving encrypted sites bumps in search rankings. HTTPS websites have also been displayed with a green lock and the word “Secure” in the URL bar. HTTP sites meanwhile had a small icon next to them in the URL bar you could click for more information, which looked like this:

Not Secure Old Warning Chrome

But how many people actually noticed that icon? And if they did, how many people clicked it? Now, with the launch of Chrome 68, Google gives you a warning when you visit an unencrypted site. In the URL bar Google will label HTTP sites as “Not Secure”, like this:

Current Secure Warning Chrome

In September, Google will remove the “Secure” indicator next to HTTPS sites to signal to users encryption is default  practice across the web. By October 2018, Google will make the “Not Secure” warning even more prominent and eye-catching in red:

Future Not Secure Warning

HOW DOES THIS AFFECT YOUR SITE?

If your website operates on HTTP, you’ve been missing out on traffic by ranking lower in Google’s search engine results. With Google rolling out the warning on the world’s most popular web browser (60% of users surf the web with Chrome) visitors are sure to skip your site once it’s labeled “Not Secure”.

The good news is getting your site up and running with HTTPS is quick and easy. All you have need is a SSL Certificate, which KartHost™ can help you get for free. If your hosting is with KartHost™ you can easily add your own Let’s Encrypt SSL Certificate (and any paid SSL Certificate) to your site. Check out this tutorial with video to see how simple it is to activate your Let’s Encrypt SSL Certificate on KartHost™ cPanel:

 

Generating A Let’s Encrypt SSL Certificate

SSL CERTIFICATES: THE NEXT LEVEL

While this free SSL certificate will work well for most websites hosted with KartHost™, there are some businesses and industries that will need a specialized SSL certificate. If you sell products or services online, or are looking to establish trust with your visitors we highly recommend considering one of these three SSL certificates:

  • Domain Verified Certificates – This paid level of SSL certificate verifies your domain and that you legally own it. You will also receive a seal of trust to use on your website. 
  • Organizational SSL Certificates –  Again, you will need to prove you own your domain, but you will also need to provide proof you own your business. While more difficult to obtain, these SSL certificates boosts the trust value for your visitors, which is especially important when selling online.
  • EV Certificate (Extended Validation Certificate) – This is the highest level SSL certificate, while also providing the highest trust to visitors. To qualify, you must be registered with your state as an LLC Corporation (Inc). Your  legal business name will be displayed in green in the URL bar:

Chrome Example:

Chrome Web BrowserEV Chrome

Firefox Example:

Firefox Web BrowserEV Firefox

Safari Example:

Safari Web BrowserEV Safari

Edge Example:

Edge Web Browser (Windows 10)EV MS Edge on Win 10

If you are a WordPress Managed Hosting client or use our EZWP Builder package, the SSL certificate has already been taken care of for you by KartHost™. For our self managed hosting clients, it’s easy to do it yourself, just follow the tutorial above or contact us if you need help. 

Roy Randolph

Co-Founder and COO of KartHost LLC, KartHost founded in 2000 Retired Commercial Airline Captain.

Leave a Comment