Google has announced a deadline of July 2018 as the date for when Chrome will begin clearly warning users if a site is not secure. This prominent warning is likely to affect how secure users feel and may cause visitors to leave a site, resulting in a negative impact on a sites bounce rate, impressions, clicks, and sales.  This warning comes after a previous one last year where Google warned webmasters to switch from non-secure HTTP to HTTPS or risk losing traffic.

What is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) is a way to make your website secure and protect ‘the integrity and confidentiality of your users’ data’ (Google).
Way back in August 2014, Google announced that changing the security certificate of your website to HTTPS/SSL (also known as ‘HTTP over TLS’, Transport Layer Security) would be used as a ranking signal, albeit a weak one. At the time Google predicted that switching from HTTP to HTTPS would positively impact less than 1% of global queries.

In fact, in a Google webmaster hangout, Google’s John Mueller said that HTTPS is far from a ‘magic bullet’ that would cause a visible change or noticeable SEO benefits, although making your site more secure does make sense in the long-term for user peace of mind.

Back in 2015, HTTPS was only a minor ranking signal that didn’t make a huge difference to your overall rankings, however, Google has continued to look at ways to improve and prioritize website security. The search engine wants to make sure that the websites people access via Google are secure and what they say they are.

Information from Google as of February 2018

Google’s announcement was firm about their goal to warn users of insecure sites, with the intent of persuading more web publishers into upgrading to HTTPS.  Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default.

Information from Google as of August 2017.  Google Is Forcing You to Switch to HTTPS by October or Lose Rankings

Google is now sending out emails to Search Console users saying that if you don’t switch from your non-secure HTTP website to HTTPS, then you risk losing traffic and have a “NOT SECURE” notification pop-up on your website for all Chrome users. The deadline is October 2017.  Here is a copy of one of the emails that were sent out:

Security Warning


HTTPS is safe, HTTP is not

The reason for Google’s push towards HTTPS is website security. Earlier in 2017, Google sent out notifications that secure-data must be secured. This includes, but is not limited to sites that collect customer data such as credit card information and even personal information. HTTP basically allows unauthorized people to tap into your computer and steal all of your valuable information. Google wants to avoid that by strongly encouraging the shift to HTTPS.

Time for the switch to HTTPS

Switching to an HTTPS certificate helps with:

  • Authentication – Is the website visitor on the site they think they’re on?
  • Data integrity – Is the data safe when transferred?
  • Encryption – Could someone be eavesdropping on the website visitor?

HTTPS stops malicious attackers from impersonating the destination site, tampering with data or listening in.

You can read a full guide on how to secure your website with HTTPS here. Different 2048-bit TLS certificates are available for commercial and non-commercial websites, as well as single host certificates and multi-domain certificates.

Need a Guide to Stress-Free HTTPS Migration? Take a look at the following from Search Engine Journal

Want to check that your SSL certificate is installed correctly? Here’s a free SSL Checker

It’s a good idea to test your server too – you can do that here SSL Server Test

Google Chrome

In December 2014, the issue of secure browsing came to the forefront of SEO conversations again when Google developers working on the search engine’s Chrome browser proposed warning people their data is at risk every time they visit a website that does not use the HTTPS system (you can read the proposal here). When implemented, initially planned for 2015, web users will see a message that the connection they’re about to make to a website ‘provides no data security’ or they may simply see a red cross through the padlock symbol at the start of the web address.

In 2015 only 33% of websites used HTTPS, this number has grown and today the average volume of encrypted internet traffic finally surpassed the average volume of unencrypted traffic. When Google does begin to flag up warnings on non-secure HTTP websites we are likely to see a much bigger swing towards HTTPS across the board.

This may initially cause confusion for website users who may not understand the difference between HTTP and HTTPS and worry that there is something wrong with a website they have previously used without hesitation. People tend to assume that websites and emails are private but creating an indicator that this isn’t the case will challenge that assumption.

Webmasters will face the initial challenge of moving a website over to HTTPS but supporters of Google’s HTTPS Everywhere campaign feel this will be a good thing for the Internet and Internet users in the long-term.

Free SEO Checklist

Find out how to create a website that Google and your customers love our SEO Checklist

Discover how to:

  • Optimise your website for higher rankings in Google while also providing a good user experience for your customers.
  • Build site credibility and increase influence so that Google ranks you even higher and your potential customers find and trust you
  • Create unique and authentic content to drive conversations and fuel online searches leading to more quality leads, inquiries, and sales.

 

Need Help with transitioning your website to HTTPS?

We can work with you to transition or update your website to HTTPs.  Click here to request a quote for our Website services.

For more information about our Website Services Click Here