If your website’s default access is still HTTP instead of being secured with an SSL certificate, starting tomorrow Google Chrome browsers – which represent about 60% of the browsers used out there – will start reporting your site as ‘Not Secure’ in the Chrome address bar.
Obviously this will cause many users to not trust your site – even if you don’t conduct financial transactions or store data. Not good.
Google’s motivation for this move was explained in an online memo they released in February. Basically, when accessing sites secured by HTTPS encryption, interactions between the site and the end-user’s browser are fully encrypted. And as a positive benefit, most bots and browsers favor HTTPS sites. This means more traffic and better placing in search results.
If you’re website isn’t fully encrypted, it’s scramble time. In addition to purchasing, configuring, and installing a SSL certificate, you’ll also need to make sure that any plug-ins used on your site are configured to access content securely.
Note that 90-day SSL certificates are available for free but then you’ll need to renew the certificate every 3 months. Certificates are available to purchase for 1 and 2-year terms from most of the Domain Registrars including GoDaddy, Web.com, and Network Solutions. If you have a hosted site, get in touch with your hosting provider – but expect them to be busy.