Google Chrome Not Secure Warnings for HTTP websites coming October

Google has warned webmasters with HTTP websites that the next version of Google Chrome set to be released in October will show a ‘Not Secure’ warning for any site with a form input field.

Google says its popular Chrome web browser will mark HTTP websites with form input fields like contact forms as ‘not secure’ when Chrome 62 is released in October. Google’s notification said:

Beginning in October 2017, Chrome will show the ‘Not secure’ warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.

Google sent the warning message out to website owners registered with its Search Console but also provided notice in its blog post Next steps toward more connection security earlier this year.

What will the warning look like?

The warning will appear as a ‘Not Secure’ label in the address bar when a user begins to enter data.

Chrome 62 warning. Image by Google Chromium Blog

Why are Google doing this?

This move is part of a wider push by the Google to promote SSL and HTTPS, which boosts website security by encrypting the data, such as usernames, passwords and credit card details, sent between your website and visitors.

In 2014 google announced a ranking boost for websites using HTTPS and in January 2017, websites with forms for entering credit cards or passwords began to show a ‘Not Secure’ warning to users.

Emily Schechter of the Chrome Security Team said that Google plans further moves to increase the uptake of HTTPS:

Eventually, we plan to show the “Not Secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS! HTTPS is easier and cheaper than ever before, and it enables both the best performance the web offers and powerful new features that are too sensitive for HTTP.

How do I tell if my website is affected?

The simple way to work out if your website is affected is to check your website and ask the following questions:

  1. Does your website have any text inputs? E.g. a contact form, search bar, login panel, etc.
  2. Do you access your website using http:// in the address bar.

    If you answer yes to both questions then you’ll need to update your website to use SSL and https:// before October to avoid your visitors seeing the ‘Not Secure’ warning.

If you’re already using https:// you can sit back and relax!

How do I get an SSL certificate and start using HTTPS?

The good news is If you have a Ecenica web hosting plan then you already have a Free Let’s Encrypt SSL installed and ready for you to use for every domain on your account.

However, you may need to make changes to your website code to make your website use the SSL.

If you’re not an existing Ecenica customer, you can get free SSL certificates for your websites with any of our Web Hosting and Managed Cloud Hosting plans. We’ll also migrate your website for you for with our Website Migration service.

If you’re interested in switching your web hosting contact us today.

This entry was posted in News and tagged , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.