With the latest update of Chrome 68, all HTTP sites are insecure.
Google Chrome 68 makes it mandatory for all the websites to have an SSL certificate. This is the stable version of Google Chrome. Though, it is obvious that every user will not have the latest version as soon as it is available. Chrome has an enormous user base therefore, it constantly updates the changes to ensure the proper functioning. The constant changes make it easy to roll back to an earlier version if something doesn’t work rightly.
What is different in Chrome 68?
The websites having HTTP protocol will get a visible negative tag saying “not secure” near the URL in Chrome.
Take a look at what will happen to the HTTP sites as the Chrome version changed from 64 to 68.
There will be more improvements further. When you start to type any text in the HTTP site, the “not secure” warning will change from black font to vibrant red color.
Presently, you can see a “Secure” tag with a padlock icon for the HTTPS sites. But further, the things are going to change. In upcoming releases of Google, it will remove this tag for Organization Validated and Domain Validated SSL certificates fully.
Why having HTTPS is compulsory?
All the ways point to the security of the web. The basic flaw of the HTTP protocol is in its security. It doesn’t provide connection security. The websites with HTTP protocol do not provide any encryption of the data. That means the data transfer is merely in a plain text format. The security is essential for all types of transactions and no one should compromise it.
You can reduce the chances of frauds and attacks by installing an SSL/TLS certificate for your website. By getting one, you can safeguard the data of your users. This, in turn, will increase the trust of your users.
If you pay attention carefully then you will see that all the reputed business have an SSL/TLS certificate and so they follow the HTTPS protocol. It is easily identifiable by the “secure” tag, the padlock icon and some browsers showing https://in the URL as well.
What does Google think?
Google is enforcing to have an SSL certificate as it removes one step to validate and check for the security of the site. The users won’t have to worry about the trust factor of your site. So you say that you don’t have an “https://” URL yet on your site? Get it now with us!
Many people are unaware of how to check the secure connection. Many don’t even know the term “secure connection”. Therefore, asking them to check for a padlock icon in the URL is a major task for them. Google refers to this behavior as- “actively unfriendly to the user.”
What Google wishes is, to ease the process of connection security so that encryption and HTTPS remain mere standards. Users should not take the pressure of all these things.
You can still make sure that who is running the site. Faulty business makers can also get an HTTPS certificate, but determining the security just visually is a bad idea. Therefore, Google is removing its “secure” tag. There are cases where bad guys tricked users by showing this “secure” tag. Nonetheless, having HTTPS is a need, a must-have thing, and so, there is no reward for it. The only thing a user needs to be aware of is of the “insecure” site.
What must I do to avoid the punishment from Google?
Well, you will have to light up candles in front of Google’s office in California!
Hell, no! Which solution than installing an SSL certificate seems valid? Clearly, you need to install an SSL certificate immediately.
The mere purpose to write this article is to let everyone know the vitality of SSL certificate. Every business owner needs to know which type of SSL certificate will be best suitable for his/her business. There is a huge range to choose from the different types of plans. The range differs from free Domain Validated certificates to Extended Validation certificates. Extended Validation certificates display the company’s name in the URL bar.
You must figure out what kind of encryption you need, how many domains or sub-domains you need to protect, etc. The plans vary for each budget and case of your business. But, remember, every asset and user-facing page now has to go through HTTPS. By using 301 redirects, you can show the way off to the browsers for correcting HTTPS pages.
Mind well, deciding not to have SSL encryption is choosing a “Not Secure” tag by Google for your site! You better know the consequences as Google holds the share of a lion in the browser and SEO market. Also, you must be knowing how much people trust Google and if it says something isn’t trustworthy then you will be gone with the wind!
So, if you don’t want to face this, protect your site now!