Skip to main content

Not Secure Warnings on Your Website

Not Secure Warnings on Your WebsiteWeb Browser Not Secure Warnings

Simply put, Not Secure warnings when a user/customer visits to your website is bad for business. It can be frustrating, the “rules” on Internet change so often it’s hard to keep up. Being a website owner, you have  responsibility to your users to make sure any data they enter is protected.

For the past few years, Google has been suggesting  that all websites move to HTTPS so all web pages are delivered over a secure connection.  If you migrate your website over to HTTPS by purchasing and installing a secure certificate, Google will reward you by giving you a small ranking boost in the search engine results pages (SERPS).

Early in 2017, Google Chrome web browser has started displaying a Not Secure warning in the browser address bar if you have a form on your website that collects private information like a password or credit card number.

This does not pertain to just eCommerce website forms collecting credit card information, this applies to ALL forms, your login forms,  even your website contact form.   Firefox browser has implemented similar non secure warnings, and actively promote  using HTTPS on all websites.

 

What is HTTPS?

When you load your website starting with http vs https any data that is submitted travels over the Internet as viewable text. Loading a page https vs http, when data is submitted through a form, text is encrypted (scrambled, encoded…) and impossible to decode and read.

Keeping Data Safe

I would assume most people don’t think about what happens when you submit a button on a website. If you are a website owner though, you have an ethical responsibility to protect your users data.

Maybe your website is not selling products or having users login to access protected information.  Google has made another recent announcement that starting in October 2017 , using Google Chrome 62 any website form, regardless if it is submitting passwords or credit cards will display a Not Secure warning in the browser address bar.

Google’s goal is to eventually push all websites to load over HTTPS.  So you can ignore it for now, or you can be proactive and take care of it before it’s a problem.

How to make your website load over HTTPS?

In order for your website to load securely, you need to acquire, install and configure a SSL certificate on your web server. Pricing for a secure certificate ranges from free to hundreds of dollars a year.  There different types of secure certificates you can buy depending on your needs.

Your web host can install a secure certificate for you for free or a small fee. Once it’s installed you can then update your website so it loads over HTTPS. Adding code to force a redirect to https:// if a user types in http:// and updating links throughout your site need to be done.  All code references on the page need to be using https or you will still get a Not Secure warning. It will take some time to review and debug all web pages to make sure they are loading over HTTPS.   If you are not comfortable with working directly in your website source code, hiring a web developer to properly migrate your website to HTTPS may be a good investment for you.

Does my website need SSL?

If you are questioning if you need an SSL certificate for your website, if any of these statements are true you do.

Are you accepting credit cards on your website?

Do you have login form on your website?

Do you have a contact form on your website?

Do you have ANY form submitting data on your website?

Do you want to be proactive in keeping your website safe and secure for yourself and your users?

Do you want your business website to appear to be professional and in your users best interest?

Do you want to keep up with the current standards and technology on the Internet?

Comments are closed.