Any site that doesn’t have an SSL certificate or is just using HTTP protocol is in for a rude awakening very soon from Google.
The search engine turned everything else announced that in July that Chrome users would be alerted that a site that’s just HTTP in the URL window. And in September the plan is to give that same warning in the window of the browser.
It’s a helpful push to make the web a bit more secure for users online. And all of the major sites (plus this one) are using it. So it has to be doing something right. And I know this seems like such bully attempt from big, bad Google, but it’s important in today’s internet.
And whether Google requires it or not, your site should be using the HTTPS protocol.
Your website needs it
Well first off, as I mentioned earlier, you’re going to need HTTPS and an SSL very, very soon if you don’t have one. Google’s decision to highlight sites that aren’t using HTTPS will mean that if you don’t have it will be flagged by Chrome as not having HTTPS. Other browsers, like Safari and Firefox, might follow suit soon after.
If you’re site gets flagged for not using HTTPS, people are going to see it and decide not to go to your site. After all, the browser is telling them that the site might not be safe for them to go to. That means traffic to your site is going to go down, and if you do business through your site, either through eCommerce or getting leads through your site, that’s going to cost you business.
So to just avoid all of the confusion, go ahead and get an SSL certificate for your website now if you haven’t already done so.
Security and trust issues
I know it might seem odd or mean that Google is deciding to do this seemingly arbitrarily. But honestly, I think it’s the right move for the web these days. While SSL and HTTPS doesn’t take care of every security concern, it does add a layer of security for the site.
SSL keeps your connection between your computer and the website you’re on private. The connection is encrypted with only a key your computer and the website know. That means that third party computers, like that guy using the coffee shop to try and hack some people, can’t interrupt that connection.
This makes SSL and HTTPS basically required for any website that runs payment over it, whether or not Google says it’s required. And for the safety and privacy of visitors to your website, it should be on your site as well no matter what.
Pretty easy to get
Of course, for a non-web developer, getting an SSL certificate and making your site use HTTPS can seem like a daunting task and expensive. And for a while, it actually was quite difficult and a skill you had to learn.
But in the past few years, getting an SSL certificate is actually quite easy. Let’s Encrypt allows you to get and set up an SSL certificate for free. Yeah, that’s right. You can get an SSL certificate for free. Simple as that.
If you use WP Engine for hosting, you can get and set up a Let’s Encrypt SSL certificate through the user portals. Other hosts have directions about how to set up the certificate for your site.
But there’s no longer an excuse for your site to have an SSL certificate and to be using HTTPS. While HTTPS doesn’t take care of all security concerns, it does add a layer of security your site needs. And that means your site is more trustworthy and your traffic stays the same.
So do it now.