Are you aware that Google will start showing non-HTTPS websites in the Chrome browser as “NOT SECURE” this month?
(source: Google Security)
This is part of their wider push for an encrypted-only internet. Which, admirable as it is – relies a little bit on fear to push adoption…hence the NOT SECURE warning this month.
We’ve written about the other advantages of a secure website before such as SEO and website speed (with http/2).
Recently I’ve spoken to some of our customers who are naturally worried how this will be seen by your site visitors. Are you planning to remediate your site and avoid the user warnings?
If so we can help by:
- Carrying out a website conversion and replace insecure links within the database with secure ones
- Install a free SSL certificate (or your own, hosting dependant)
- Finally, we’ll apply a configuration change to force all users to use the secure website.
Naturally, all work will be done and tested on Staging before converting the Live website.
This will ensure your site is default secure in operation and free from “mixed mode” SSL errors. When Google pushes the new version of Chrome, you can relax whilst admiring your shiny new green padlock and the improved security and trust.
If you want to avoid the Not Secure message for your visitors then we can carry out your site conversion for a one-off fee of just £99.
We are expecting an increase in requests related to this once Chrome 68 is released so if you would like this done then please get in touch so we can get this scheduled in good time.
As we’ve written about here and here already – If you’re using Mozilla Firefox, Google Chrome or any of the popular web browsers to surf the net and visit websites, chances are, you have probably come across a website that has been flagged as ‘unsecured’. It could be a warning pop-up on Firefox or a not secure icon and text on Chrome’s address bar. Find out what these things mean, why should you care about your website’s security and why you need an HTTPS website in 2018.
How does HTTPS work?
Websites that have log-ins, contact forms or fields that require personal information such as credit or debit card details need some form of security measure to keep these information safe from hackers and wrong doers.
The first line of defence against these villains lies in the form of a protocol called Secure Sockets Layer or SSL installed in websites. When you visit a supported site, it will send an SSL certificate to your device to create a special safe and secure connection. Once it has been established, all information will be encrypted.
3 Major benefits of having a secure website?
1. You And Your Visitors Are More Secure
An SSL certificate encrypts your website visitors information whenever they log in or input sensitive information such as bank details, PINs, and the like. To ensure that no one else is privy to all those details, the certificate generates a random key that your website uses to decrypt information sent from your visitors.
The cool thing is, all these technical bits happen in the background. With an SSL certificate installed, there is no need to worry about your website visitors information being leaked into other parts of the internet.
2. Consumers Trust A Safe Website
We now live in a world where online transactions seem to be the norm for most people. According to a survey completed in December 2016, 87% of UK internet users have made at least a single purchase online. This trend is expected to rise as more people are discovering the joys of making online purchases.
People are more likely to make purchases from a safe and secure website. You’ll miss out on the fun if your website is flagged as unsecured. Google, through their browser, has supported using HTTPS and has rolled out versions of its browser that indicate whether a site is secured or not. Mozilla Firefox has also implemented a similar feature.
Google and other search engines love secure websites as it protects their own users from being redirected to fraudulent and unsecured sites. If your website is secure, you might boost your rankings against similar websites who are left unsecured. The company has confirmed that HTTPS is an important factor in its rankings.
We’ll help you become secure
At GorillaHub, we are committed to helping everyone use the internet more securely and will be launching a low-cost website conversion service for small business websites in January. If you have any questions on SSL certificates / HTTPS or how you can get your site converted, please get in touch
Last time out we explained what HTTPS is and what advantages it brings. This week we’ll show you how you can get a free SSL certificate and install it on your web site.
Aren’t SSL certificates expensive?
They can be, as they often come with financial guarantees and you can be sure the largest sites on the internet spend many thousands of pounds on security and the certificate is just one part of this. If you are reading this the chances are you don’t need this level of cover and a more basic certificate will do.We love LetsEncrypt as a great free solution – there really is no reason not to run SSL on your site nowadays. Of course, you can choose to purchase an SSL certificate from a provider, but we’ll be focusing on doing it with LetsEncrypt in this article.
From their website:
Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.
How to install through your hosting provider
Hopefully, you’ve chosen one of the many hosting providers that have chosen to support LetsEncrypt, as this makes it trivial to set up and automatically renew your SSL certificates. The full list of providers can be found here. Log in to your hosting control panel and look for the setting in and simply follow the instructions there – a few clicks later and you’ll be all set.
If there is an option to “enforce” SSL then select this to automatically redirect site visitors to the secure version of your website.