Chrome release reveals "insecure badge" for websites without SSL
Posted by Paul Nesbitt on 18 February 2017 04:26 PM

Chrome release reveals "insecure badge" for websites without SSL

Chrome Browser

On February 1, Google rolled out the latest version of its Chrome internet browser. Labelled Chrome 56, the updated browser features a significant change in the way in which it displays websites that are delivered without the HTTPS protocol – or, in other words, websites without an installed SSL certificate. 

Starting with this update, websites that do not run on HTTPS will be labelled in the browser bar as ‘Not secure’. From Chrome 56, the browser will display the warning on pages that ask for your password or other confidential information – like your address or credit card number. This is, however, a staged release that will eventually see all non-HTTPS websites labelled as ‘Not secure’ with a red alert icon to prompt users to exit the website.

The impact on your website

Visitors to your website may be surprised upon their next visit when a ‘Not secure’ symbol appears in their browser bar; they could even interpret the message as a sign that your website has been compromised or hacked.

Therefore, it’s important to take the time to implement an SSL certificate onto your website. At present, the ‘Not secure’ symbol will only appear on pages with form fields for passwords and credit card information, but a full rollout is expected in the coming months.

Installing an SSL certificate

Although Google has outlined a technical description of implementing SSL on your website, the process can be challenging for those without prior technical knowledge. It can, indeed, be tough to convert your website from HTTP to HTTPS, particularly if you have a lot of web pages that deliver external content on an unsecured protocol.

In November 2016, British newspaper The Guardian confirmed that it had converted all of its web pages to HTTPS, but that the process was not as straightforward as first thought. One issue was that advertising agencies avoided adopting to HTTPS and that embeds such as videos and other external content had to be removed, or updated, in order for pages to be fully delivered in HTTPS. For large websites like The Guardian, other issues such as old interactive content and an extensive search engine optimisation strategy also had to be taken into account.

Luckily, advancements in technology have made the adoption to HTTPS and SSL seamless. The majority of external content hosts (like Facebook, YouTube and SlideShare) now serve their content securely on HTTPS, and you can even find WordPress plugins to help you convert existing web pages to their HTTPS counterparts.

Free SSL certificates from PAC Web Hosting

At PAC Web Hosting, we care about helping our customers meet the demands of search engines such as Google – as well as playing our part in creating a safer, more optimised browsing experience. All of our web hosting packages now include free ‘Let’s Encrypt’ SSL certificates which cover all of your domain names – including your main domain names, aliases and subdomains. What’s more, these certificates are automatically issued and renewed so that you don’t have to do a thing.

To find out more about the benefits of SSL, and to arrange assistance in installing an SSL certificate on your PAC-hosted website, get in touch with a member of our team today.

Comments (0)