Google will mark non-HTTPS websites as “Non Secure” this month

Google will mark non-HTTPS websites as “Non Secure” this month

 

Are you aware that Google will start showing non-HTTPS websites in the Chrome browser as “NOT SECURE” this month?

(source: Google Security)

This is part of their wider push for an encrypted-only internet.  Which, admirable as it is – relies a little bit on fear to push adoption…hence the NOT SECURE warning this month.

We’ve written about the other advantages of a secure website before such as SEO and website speed (with http/2).

Recently I’ve spoken to some of our customers who are naturally worried how this will be seen by your site visitors.  Are you planning to remediate your site and avoid the user warnings?

If so we can help by:

  1. Carrying out a website conversion and replace insecure links within the database with secure ones
  2. Install a free SSL certificate (or your own, hosting dependant)
  3. Finally, we’ll apply a configuration change to force all users to use the secure website.

Naturally, all work will be done and tested on Staging before converting the Live website.

This will ensure your site is default secure in operation and free from “mixed mode” SSL errors.  When Google pushes the new version of Chrome, you can relax whilst admiring your shiny new green padlock and the improved security and trust.

If you want to avoid the Not Secure message for your visitors then we can carry out your site conversion for a one-off fee of just £99.

We are expecting an increase in requests related to this once Chrome 68 is released so if you would like this done then please get in touch so we can get this scheduled in good time.

 

Improve your website security and trust with SSL

Improve your website security and trust with SSL

Running a secure (HTTPS) website improves security, trust and Google will love you for it.  Let us show you how you can easily add a free SSL certificate to your website using LetsEncrypt.

Aren’t SSL certificates expensive?

Introducing LetsEncrypt

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.

How to install through your hosting provider

How to install on your own server

If you maintain your own unix-based web server, then there is a simple command line application called CertBot that looks after certificate generation and installation.  Head on over to the CertBot Website and enter your details for configuration instructions specific to your setup. Certbot HowtoAlthough CertBot was primarily designed for linux / unix, there is also a port for Windows Server / IIS called LetsEncrypt Win Simple that reportedly works well.

Need more help?

If you’d like help with this or any other areas of website security, or to find out more about our hosting and site management services that include SSL and other benefits built in, then please get in touch below.