Do you still have HTTP pages on your website? If you do, they are now a target of being listed as “not secure” by the Google Chrome web browser.
The “non-secure” message on the browser tells users that your HTTP site is NOT safe to use, which can lead to a dramatic increase in your site’s abandonment rate.
Google has announced that as of October 2017, this new security measure will be activated on all HTTP pages that:
- Require site visitor data to be entered
- Are viewed in Incognito mode
The Google developers’ “battle to end HTTP” is with good reason. HTTP is the protocol for how the messaging on your site is transmitted over the web.
HTTP sites without the security measure of an SSL certificate (notated by the “s” in HTTPS) are not private networks, and leave site messaging open to hackers who can steal personal user information from websites.
HTTPS Enhances Search Ranking
It is important to optimize your site to adhere to the Google Chrome web browser stipulations because it is (by a significant margin) the most popular web browser that people are using to find websites today—being home to 44.5% of all browser usage.
Since the HTTPS protocol is one of the ways that this highly popular search engine ranks your site’s search position, websites that implement this security feature have the potential of boosting their search rankings and generating higher site quality scores.
Dangers of HTTP
Google SSL certificates were formerly used strictly to prove to users that their payments over the web which utilized credit card information would be secure during online purchases. However, this security verification is now being regarded as an essential safety feature for a variety of user data entered via online forms.
Having site pages with HTTP protocol instead of HTTPS also runs the risk of site visitors thinking that you are a fake website attempting to mimic an official brand. And web users’ fears about hacking attacks are not unfounded since web attacks are on the rise. Eavesdropping, man-in-the-middle attacks, and/or data modifications are the bread and butter of the hackers lurking on the web today.
A recent example of these types of HTTP protocol abuses was seen when the chairman of Hillary Clinton’s campaign, John Podesta, was sent a fake password reset prompt appearing to be from Google mail. The email instead was found to be a phishing attempt that was used to hack his account and completely erase all data from his phone and tablet.
How to Secure Your Site
See our instructions on what site verification method works best for you and how to implement website security features by checking out our article “Do You Know What an SSL Certificate is? (You Should).”