Menu
August 10th 2017

Last Call for non HTTPS Websites

Last Call for non HTTPS Websites

As you may or may not know (depending on if you follow our social media accounts or not) the days of websites operating without HTTPS certificates are soon coming to an end.

What's an SSL Certificate you may ask?

One of the most important components of having your business represented online is creating a trusted environment where potential customers feel confident in making enquiries and purchases. SSL certificates create a foundation of trust by establishing a secure connection and web browsers giving visual cues, such as a lock icon or a green bar, to help visitors know when their connection is secure.

How is it secure?

One of the important features of SSL certificates is that to even show the padlock or green bar symbols, the certificate must be correctly paired to the server that the website is on. Because the certificate cannot be installed to a website without a proper pairing key that correctly pairs the certificate with the domain name and web address, it is a fact that the certificates do provide an element of trust so you know that the website you are browsing is genuine.

Haven't these been around for ages?

In short, yes. SSL Certificates have been a fact of life for nearly 20 years and have mainly been used on e-commerce websites to secure checkout areas. This is to ensure that credit card and other personal information is transmitted in an encrypted manner.

So why is this now suddenly an issue?

In short: blame Google. As Google Chrome is by far the world's most popular web browser, when Google announced in September 2016 that they would start highlighting all websites that didn't have an SSL certificate as 'Not Secure', it created a lot of work for website owners, developers and hosting companies to install certificates correctly onto millions of websites that didn't have them, and this was sped up in January 2017 when Google Chrome's latest version introduced this change. Overnight, websites containing form data such as login / sign up forms, any checkouts or other data gathering elements were faced with a Not Secure warning right up there in the address bar.

But my website doesn't have any of those things so why does it affect me?

Another point on Google's original blog post was that they announced their intentions to start marking ALL websites that don't have an SSL certificate as Not Secure. This means that every website from the biggest e-commerce shop down to the smallest brochure website for the local builder is affected. Nothing creates mistrust on a website more than an obvious warning saying: 'this site is not secure'.

I can live with that, so it doesn't affect me!

The other element that we haven't mentioned yet is all to do with how Google is forcing this change over the internet: Search Engine Rankings.

It is a fact that the weighting Google puts to sites with HTTPS certificates installed is now higher than it was. In recent weeks (August 2017) we have seen websites across all industries and sizes suffer ranking decreases due to the simple factor of not having SSL set up correctly on their websites. Even websites that have a certificate but it has been misconfigured, are suffering ranking decreases.

Go back