Google has put all websites on notice: starting in July, either you encrypt your site or else Google’s Chrome browser will flag your site as “not secure,” according to a new Google blog post.
Our advice: encrypt your site now. Don’t wait until July. If your site lacks SSL encryption, it is already being downgraded in search results.
Here’s how you can tell if your site is encrypted:
- Visit an HTTP URL on your site such as: http://www.mywebsite.com/page.html
- You should then be automatically redirected to the secure version of the URL, and see the following confirmation:
- If you have not yet properly secured your website, one of two things can happen. Either you will see an “info” icon in front of your address:
- Or you will see a red warning such as:
- If you suspect there may be an issue with your SSL encryption and HTTPS setup, you can investigate the problem at: https://www.ssllabs.com/ssltest/. This Qualys tool will help you identify further actions that you can take in order to properly secure your site.
Google offers some guidance on how to do a migration. As Emily Schechter, Chrome security product manager, notes on the Google blog:
Chrome is dedicated to making it as easy as possible to set up HTTPS. Mixed content audits are now available to help developers migrate their sites to HTTPS in the latest Node CLI version of Lighthouse, an automated tool for improving web pages. The new audit in Lighthouse helps developers find which resources a site loads using HTTP, and which of those are ready to be upgraded to HTTPS simply by changing the subresource reference to the HTTPS version.
Google has good reasons to enforce SSL encryption. It protects users’ privacy and confidentiality. So, although securing your site adds one more task to your to-do list, it is in your and your users’ best interest to implement it.
Act on Google’s mandate now and project yourself and your site visitors. If you need more guidance, contact SIM Partners. We’re here to help.