Google Chrome now showing all http sites as not secure

Home » News » Google Chrome now showing all http sites as not secure

Google Chrome now showing all http sites as not secure

Posted on

The latest version of Google’s web browser Google Chrome is now clearly marking all http websites as ‘Not secure’ and all https websites as ‘Secure’.

Google Chrome version 68 was released on 24 July 2018 and adds a very clear message for http and https websites.

Here is the message for http websites:

SSL not-secure chrome message

Here is the message for https websites:

SSL Chrome secure

This is now a universal message for all websites. In previous versions Google Chrome would have only shown the ‘Not secure’ message where the page required a login, registration, payment details or some other transfer of personal information. The other browsers such as Mozilla FireFox, Microsoft Edge etc do carry warnings but only on pages where personal information is being transferred.

What is SSL / https?

SSL is an acronym for Secure Socket Layers. It provides a secure channel between two machines or devices operating over the internet or an internal network. It was superceded by TLS (Transport Layer Security) in 1999 but everyone still uses the term SSL.

For your website to successfully run through https rather than http and avoid the Google Chrome warning, you need an SSL certificate for your domain and web hosting.

These are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser.

SSL Certificates protect your sensitive information such as credit card information, usernames, passwords etc. It also:

  • Keeps data secure between servers
  • Increases your Google Rankings
  • Builds/Enhances customer trust
  • Improves conversion rates

Why is Google Chrome now encouraging website owners to move to SSL

This action by Google will undoubtedly influence many website owners to migrate to SSL, so why is it so keen?

At the heart of their strategy is a desire for a better, safer Internet where information is accurate and websites are safe for visitors. If, as a website owner, you have gone through the process of buying and installing a SSL certificate, proving your identity and ownership then your website is likely to have similar levels of care and attention.

Google in their support page here Google webmasters support on SSL https said this:

Users expect a secure and private online experience when using a website. We encourage you to adopt HTTPS in order to protect your users’ connections to your website, regardless of the content on the site.

With the new explicit warning messages in Google Chrome, then it’s clear that Google are keen to encourage website owners to choose this option. At the time of writing, Google Chrome has about 50% of the browser market share in the UK so is very important for website owners.

Browser share in UK

UK browser market share

Our SSL certificate services

We provide SSL certificates as an add-on for our all web hosting packages. We can also migrate your website to https, plus make the necessary changes to make it work and your past website authority and backlinks are maintained. The following actions must be completed for a successful migration to https:

  • The SSL certificate is installed successfully on the web hosting.
  • The website pages are added to work through https.
  • Redirects are added so old http links redirect to the new https address.
  • SEO, search engine optimisation action is taken including Google Analytics, Google Search Console Bing Webmaster tools etc

There will be other adjustments and testing involved but the process should be relatively painless. It is important to make sure all the redirects are properly written so old links and bookmarks still work. All our personal website hosting packages and above now come with a free SSL certificate – more information here: web hosting.

Further reading

Migrating a WordPress website to SSL