Is Your Website Still Not HTTPS?

If you’re a business that hasn’t yet made the switch to an https website, 2017 is the year to do it. Google Chrome, which is the mostly widely used desktop and laptop browser in the U.S. with over 50 percent desktop market share, has recently released version 56, which shows heightened security warnings for users.

Here’s how an HTTPS site now looks in Chrome.

secure chrome

Note the padlock symbol which is universal in browsers with HTTPS sites. The ‘Secure’ indication in Chrome is a newer addition.

Here’s how a Non-HTTPS site appears in Chrome, even on a popular site like CNN:

info chrome

When you click on the ‘i’ info icon, it gives the following message:

i secure example

So while a news site like CNN isn’t likely looking to get users to login or make payments on their site, there website does not appear as secure as an HTTPS site, which could be a negative user experience.

New ‘Not Secure’ Warning in Chrome

Furthermore, Chrome (version 56 and later) mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over a secure sockets layer (SSL), which is what HTTPS adds to site. An example of how this now appears in Chrome is below:

not secure chrome

URLs that that include these sensitive input fields on the page will trigger the browser warning. The new warning is the first stage of a long-term plan by Google to mark all pages served over the non-encrypted HTTP protocol as ‘Not Secure’. The Solutions to ‘Not Secure’ are: (a). switch your site to HTTPS completely, or (b). Link to an HTTPS secure page that lets your website’s users login or make payments there.

Other widely used browsers are also stepping up their security warnings. Mozilla’s Firefox now has a slash through the padlock with a message that says when you click on the icon that says ‘Connection is Not Secure. Logins entered on this page could be compromised’. Microsoft’s Edge browser now has an ‘X’ indication through the padlock on pages that aren’t HTTPS where logins or payment info are entered.

Take Web Security Seriously

We recommend having a website security certificate in addition to a more comprehensive website security approach. Our website security package includes a security certificate, security monitoring, and protection against hacks, viruses and other malware. A business website is too valuable to leave vulnerable to attack.

https everywhere

This entry was posted in Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge