Many site owners are going to be getting an e-mail warning from Google very soon! Simply because they have not put HTTPS/SSL security in place on their sites.
From this month on "Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields".
We've been advising our clients that this has been coming for some considerable time.....most recently two months ago in HTTPS Websites so many are now prepared. Are you?
The background to this is that we register every site that we build with Google in their Search Console. This tells them exactly where your site is located, and we also give them an XML sitemap along with multiple page URL's so they can index you more efficiently. So they know all about you!
This has benefits besides quicker indexing because it also flags up warnings if there are technical irregularities on the site. We then analyse these and rectify them immediately before it causes any issues. But with this situation regarding HTTPS they're taking it a stage further because they're sending me an e-mail to be passed on to the owner of the site.
The correspondence is quite clear....."The new warning is the first stage of a long-term plan to mark all pages served over the non-encrypted HTTP protocol as Not Secure".
If you look in the browser address bar of this site you'll see the green padlock and the word "Secure". If you don't have an SSL in place you'll bee seeing a warning icon with the words "Not Secure" which doesn't exactly inspire confidence in visitors. After all, if you had the choice of vising a Secure or Non-Secure site where would you go?
It's not clear yet whether these warnings will show up in the Google search listings.....but if they do then your traffic is likely to drop considerably. We already know that Google are prioritising Secure sites in the listings, now it's a question of if, or when, they plan to start dropping the Non-Secure sites. Whatever happens, it's not good news if you don't have SSL security in place.
I know that some of you won't like this latest update. But you have to understand that Google wants to make the web a safer place.....and directing users to sites where they could be put at risk of phishing or identity theft doesn't help their cause. And it certainly doesn't help the users much either.
If you have a website, think of it as a shop in real life. Then ask yourself whether you would want to enter any premises that had been deemed unfit or dangerous? We all have a collective responsibility here, so I would strongly suggest you get HTTPS/SSL encryption in place immediately. With Business comes Responsibility!
As I pointed out a few months ago in Is Your Business Worth a Coffee the cost is not going to break the bank! But running without it is guaranteed to have a detrimental effect on your bank balance through lost business.