06 Sep Google Warnings for Non SSL
Google Warnings For Form Input Over HTTP Coming in October
For years, Google has been actively seeking ways to encourage website owners to implement SSL certificates. SSL allows websites to be accessed over HTTPS, which encrypts information sent between the visitor and web server.
Recently, we discussed how Google is moving from a reward system to a punitive one. Websites using SSL continue to get an SEO boost since it became a confirmed ranking signal in 2014, but we noticed a few months ago that Google was blacklisting non-HTTPS websites that allowed password fields and credit card forms to be filled.
In just over a month, Chrome version 62 will be released, and websites with any kind of text input will require an SSL certificate if they want to avoid a “Not Secure” warning in the address bar.
It’s unclear at this point if this is a step toward blacklisting sites that take form input without SSL. If so, it makes sense from Google’s perspective. As more sites adopt SSL, the remaining websites will require additional incentive to make the switch. We’ve seen Google ramp this up continuously, and we don’t expect any change in pace.
Users, as we know, often don’t notice the “Not Secure” warnings. The onus is on service providers and website owners to protect their users from unknowingly sending sensitive information to their servers, and Google is taking on the role of policing this.
Is Your Site Affected?
Here are a few questions to ask yourself:
Does your site take any text input? This includes contact forms, search bars, login panels, etc.
- Is your website using HTTP:// in the address bar?
- If you answered “yes” to both of those questions, you need to implement SSL to avoid showing a “Not Secure” warning in visitor’s browsers.
- You should also be forcing HTTPS on your site to avoid having users accidentally access the non-encrypted version of your site.
For hosting clients we have set up a simple Order Your SSL Certificate Here link: https://www.paulbarrs.com/shop/web-design/ssl-certificate
Though if you have multiple sub-domains, you’re more likely to need an Wildcard SSL Certificate.
Read More: SSL Basics (Video)
Article by Tony Perez https://twitter.com/perezbox
This article was first published at https://blog.sucuri.net/2017/08/google-warning-text-input-forms-october-https-ssl.html