Home » News » Chrome To Flag http Sites As Insecure

Chrome To Flag http Sites As Insecure

Have you got the S for your http yet?

Chrome To Flag http Sites As Insecure

Http and https, let’s explain this first, look at the url in a web browser, it either starts http:// or https://

The S represents ‘secure’ which means you have a certificate that authenticates your domain name and enables an additional layer of security (encryption) to your incoming data.

HTTPS = Hypertext Transfer Protocol Secure

It has been best practice for years now that people with ecommerce sites have secure areas on the site, usually the cart area where a customer’s sensitive data is handed over.  Things change at a fast pace as we all know, and for ages now the recommendation has been that all websites sat on a https domain, ecommerce or no ecommerce. If you are yet to take action, 2 good reasons not to delay this:

  1. Starting this month, Chrome (Google’s browser) will begin to mark http sites as non-secure (red!)
  2. Google prefers a fully secure site and as such a possible boost in SEO rankings is possible (take it while you can people)

How to get the S? 

So, to get this s on your http, you must install a security certificate linked to your domain name/s on your server. These used to be fairly costly at a few hundred pounds a year, but an open source project by the Internet Security Research Group (ISRG) has released a free to use security certificate called Lets Encrypt.

There are various different types of certificate you can purchase but I’m not going to go into that all now, far too much tech already, just talk to your web developers or your hosting company.

Things to consider when moving to HTTPS

So this is much more our area, Google will consider this a major change (site move/url change) and so it is critical that it is handled well in order to protect your current SEO ranking.

  • Set up url redirects very carefully, don’t forget the canonicals
  • Do not block your HTTPS pages by robots.txt files.
  • Do not include meta noindex tags in your HTTPS pages.
  • Use Fetch as Google to test that Googlebot can access your pages.
  • Ensure that your site content is crawled for links, images and downloads that may need to be updated to https.
  • Add the HTTPS property to Search Console
  • Keep an eye on your site’s search engine ranking and make sure that the change is not having a negative impact, you may have missed something.

This is a really good place to get updates on this work, read Googles Security Blog

If you need any help please don’t hesitate to get in touch, if even for some quick advice.

e: marketing@philosophi.uk

t: 01326567182