Have you seen “Not Secure” warnings popping up in the URL bar? Are you aware of the security changes for internet browsers? What’s the deal?
As an everyday internet user, these security warnings can be helpful. A secure site connection is a great way to know whether or not you can trust the site you’re on or feel comfortable submitting your personal information to the site in forms. On the other hand, if you’re creating or curating a site, you want people to trust your site, right? Is your site safe, or is it showing “your Chrome connection is not secure” warnings?
Lately, there’s been a big step in the right direction when it comes to internet security. It’s safe to say these changes are for the better as we’re working towards creating a safer internet!
In the following sections, we’re going to cover everything you need to know to fix the “Chrome connection not secure” warning with SSL, and why this matters for your site’s success:
- What’s changing with Chrome and HTTPS?
- Google security and why it’s updating
- What is SSL?
- How to make your site secure with SSL
What’s changing with Chrome and HTTPS?
Back in October 2017, Google started flagging sites as “Not secure.” Since then, security measures have continued to progress.
As of July 2018, Google Chrome is now taking proactive steps to increase awareness about the difference between insecure and secure websites. Mozilla Firefox is joining the efforts as well. As it turns out, an SSL certificate is the number one requirement for both browsers, based on the updates released by Chrome and Firefox, which both aim to make the web safer for everyone.
Users can quickly see when an SSL certificate has been installed on a site by looking at the URL. In Chrome and Firefox, there’s usually a little green padlock with the word “Secure” next to it. Safari has a gray padlock next to the site name. You can also tell by looking at the beginning of the URL itself. A not-secure website will use HTTP while a secure site will use HTTPS (the “s” on the end means your connection is secure).
These connection messages are non-intrusive, and can establish a lot of trust with your users because they know their information is safe on your site! On the other hand, if you don’t install an SSL certificate, users will encounter some not-so-welcoming errors that might cause them to abandon your site. In Firefox, there are various icons for these site connection warnings, including a gray padlock with a warning triangle and a gray padlock with a red strikethrough. In Chrome and Safari, either an information symbol or a red warning symbol will pop up for not secure sites. Here’s what these “connection is not secure” warnings look like.
Google security updates
Let’s talk about the importance of online security. Many things have been moving the right direction in regards to internet security, from the Facebook court case to GDPR to SOC security audits. It seems everyone is calling for a safer, more trustworthy online experience.
As I mentioned, website visitors expect a great experience. Yes, they want to see a cool site, but more than that, they want to feel secure and protected.
No one wants to fill out a form on an insecure website — that’s a bad digital experience. Especially in today’s digital age, everyone is more aware of the security they should expect online, even if they don’t know all the nitty-gritty details. People are really starting to take initiative, and eCommerce sites, as well as other sites that handle sensitive customer data, need to follow these security practices closely in order to comply with regulations.
Beyond creating a better client experience, there’s also some debate that better security practices and SSL certificates can benefit your site’s SEO. Google has been considering security in their ranking since 2014, and there’s lots of chatter about how current practices affect ranking.
So how are you supposed to implement all these security changes and fix that “not secure website” message in Chrome? The simplest means of securing your site comes down to a little three-letter acronym: SSL.
What is SSL?
We keep talking about SSL certificates, but what is it? SSL (Secure Sockets Layer) is a protocol used to secure and encrypt communication between computers. The protocol works by binding the identities of entities such as websites and companies to cryptographic key pairs using digital documents (known as X.509 certificates). Each key pair consists of a private key and a public key. The private key is kept secure, and the public key can be widely distributed via a certificate.
In simpler terms, an SSL certificate helps increase website security by keeping information safe, and it’s crucial for preventing the types of security warnings and errors detailed above.
How to make your site secure with SSL
We keep talking about SSL certificates, but what is it? SSL (Secure Sockets Layer) is a protocol used to secure and encrypt communication between computers. In simpler terms, it helps increase website security by keeping information safe!
Wondering what an SSL certificate costs? It all depends on what you’re looking for and how your hosting provider handles website security. You can get different types of SSL certificates in many places for many prices like Let’s Encrypt (for free) or DigiCert starting at ($157). It all depends on the information you’re dealing with on your site and how you manage it. For example, a simple design portfolio and a healthcare employee portal would clearly have very different needs.
WordPress hosting companies like WP Engine and Flywheel offer free SSL certificates. It only takes a couple clicks, and you’ll have that beautiful green padlock and no more red error messages in Chrome, or any other browser (not to mention a bunch of other built-in security best practices)! Want to learn how to install an SSL certificate on Flywheel? Just follow this simple, 5-step guide.
If your site isn’t on Flywheel yet, you’ll have to check with your hosting provider to see how they handle certificates. Typically, the process includes a little communication between your host and the certificate authority to get everyone on the same page. Check with your host to see if there are fees that come with adding an SSL certificate or if they have any recommendations on what’s best for you and your website.
To wrap it all up, if your site is currently not secure and doesn’t have an SSL certificate installed, you’ll want to fix that as soon as possible so the errors and warnings don’t affect your business, site traffic, or SEO.
While it may seem a little chaotic for web designers and developers, taking advantage of HTTPS is a really good thing in the long run. Half the internet is already secure, meaning we’re all moving to a better way of browsing the web and transferring data. And the best news is that it’s simple and easy to fix a failed secure connection, especially for designers and developers using a host like Flywheel. We’re all working towards a safer internet, one SSL certificate at a time.
This article has been updated from its original publish date on October 5, 2017. All imagery in the article was shot and created in-house at Flywheel.