Having a non-HTTPS website? Be prepared to get penalized.

Google Chrome, the most popular web browser in the world, is going to mark all HTTP websites as “Not Secure” starting this Summer. In other words, if you don’t have an SSL certificate installed on your website, Chrome will greet your visitors with “not secure.”

Google plans to release this update beginning July 2018, with the launch of Chrome 68.

This change has been expected for a while. Over the last two years this has been one of Google’s crusades, and this is just the final step. Emily Schechter, Chrome Security Product Manager, announced this to the world on Google’s official blog.

“For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure.” Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as ‘not secure,’” she wrote.

What exactly is HTTPS? Why does it matter ?

HTTPS is a web protocol through which data transfer takes place between web browsers and web servers. You may have noticed HTTPS in front of a website’s URL. HTTPS is a secure version of HTTP, one of the original web protocols. The difference between the two, as you can see, is the “S.” This “S” stands for secure. It means that the connection between the website and its users is securely encrypted. When the site is HTTPS-enabled, it shows certain signs that vouch for a secure connection.

This secure connection thwarts attempts at eavesdropping and data-tampering by malicious 3rd parties. This means that the data sent back-and-forth between the two sides remains protected.

This is how Chrome is going to warn the visitors on HTTP sites.

If you run a website – for whatever reason – you need to see this.

chrome 68 http error

As shown in the above image, as soon as a visitor lands on your site, he/she will see “Not Secure” in front of your URL.

Now put yourself in a user’s shoes for a minute and imagine coming across this “Not Secure” message. You wouldn’t trust the site with your confidential information, would you? Many of you might even discontinue browsing on that site.

Kind of a big deal, isn’t it?

Here’s how to migrate to HTTPS

If you want to (why wouldn’t you?) get HTTPS and want to stay away from Chrome’s warnings, you need to install an SSL certificate on your website. Before you go and buy a certificate from us (we have THE cheapest certs in the industry), you should take a look at what type of website you want to secure and how many domains-subdomains you have.

Concluding Thoughts

This move by Google is undoubtedly going to have a major impact on almost half of the websites in the world. Make sure your website isn’t one of them.

Related Sources


Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24/7 security teams.