You may or may not have heard about Google’s recent announcement regarding the way that its flagship browser, ‘Chrome’, processes websites but it’s time to make the necessary changes to ensure your website is up to standard.
For years the company has been a strong advocate of enforcing compulsory HTTPS connections and thanks to the release of their most recent browser update, labelling HTTP-only sites as ‘not secure’, they’re closer than ever to achieving their vision.
If you understand what this update actually means for you and have taken the initiative to prepare your website, then great! If you have no idea what we’re talking about, then you’ve come to the right place. Let’s get started…
What actually changed?
Google Chrome’s interface has been updated so that all HTTP only pages will be visibly flagged for viewers upon accessing them. Specifically, the address bar will have a ‘Not secure’ warning pasted before the domain name, ensuring that all guilty pages are publicly humiliated.
The above image illustrates how the new warning message will be displayed initially. Upon information being entered by a user that message will transform into a redwarning, and if it is in red, you know it is serious.
Starting with the basics: HTTP and HTTPS
HTTP (Hyper Transfer Protocol) is responsible for connecting server information to the browser, in other words, displaying your website content to the user that is trying to access it.
The main difference between this protocol and HTTPS comes from the S, which stands for ‘Secure’. This means that the connection between your website and the browser is encrypted, ensuring that any sensitive information such as passwords or payment details are protected.
This form of encryption is administered via an SSL certificate and is installed on the hosting server itself. The encryption works by replacing sensitive information with a random assortment of characters that require a complex key to be deciphered, making it (pretty much) impossible for hackers to intercept and exploit.
The Benefits of an SSL Certificate
Provides your website with that highly-sought-after green padlock in the URL, letting customers know your website is safe.
Boosts your search engine rankings as algorithms give preferential treatment to websites with an active SSL certificate.
Increases conversion rates! After all, visitors are far more likely to purchase from a website that they visually recognise as being secure.
Prevents your website from being labelled as ‘Not Secure’.
Types of SSL Certificates
There are three popular types of SSL certificates that are commonly used, with variations of each available.
Domain Validation (DV)
Confirms that the specified organisation is, in fact, the registered owner of the domain
Relatively quick to set up with verification procedures being minimal
Highlights that the website is secure
Organisation Validation (OV)
Requires more of an in-depth investigation, as the organisation will be contacted directly for verification purposes.
Takes a bit longer to set up, generally a few days
The SSL certificate details will include organisational information
Extended Validation (EV)
Involves an extensive authentication process that includes clarifying that the organisation actually requested the SSL, identifying the physical location of the company and confirming that they are legally recognised.
Is somewhat time-consuming and can more than a week to be processed
Provides the website with a custom green address bar that features the company name
Although Google’s decision is forcing change upon us all, it’s necessary if we wish to uphold the integrity and security of the online space. Holding website owners accountable by forcing an SSL certificate is the best way to regulate the environment and ensure that customers can easily identify which websites they can trust with their personal information.
Ultimately, If your website is your lifeblood, it needs to be ahead of the curve and up-to-standard, helping deliver ongoing results and conforming to these security changes should be viewed as a necessary hurdle that all individuals and companies need to overcome to succeed online in 2018.
Whether you need a guide on how to actually migrate your data or are looking for help dealing with mixed content warnings, you’re bound to find hundreds of articles available online to help you make the move today.
Alternatively, if you are technically challenged be sure to contact a web developer who should be able to provide you with the necessary assistance.