Those of you who have been reading this blog regularly will have seen us discuss SSL on numerous occasions in the past, but this may be the most important announcement yet. And clients of ours who are members of our private mailing list will have recently received a notice that almost makes us a look like Nostradamus as we impressed that SSL was going to be something that Google was going to push hard for 2017. And, then, out of the blue Google started to send notifications to non SSL based sites!
Nonsecure Collection of Passwords – Chrome 56
Some of our clients haven’t yet purchased SSL certs and so Google are starting to push out notifications via Google Search Console warning webmasters that:
Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS.
This move from Google will surely kick off the Great SSL Panic of 2017 which will probably have shades of the “Mobile-ageddon” a few years ago when Google started to penalise sites that weren’t fully responsive. This quickly moved the market and WordPress development trends to be fully responsive and the same will probably happen here with SSL.
Why SSL? Why Now?
This move by Google to display warnings for non secure content isn’t surprising as as far back as 2014 having an SSL cert could give a boost to your site rankings and to a degree this is a continuation of that. Google want to have confidence that if they are routing traffic from their search engine that the site they are sending browsers to is secure as there should be a higher probability of browser satisfaction. At present the non secure warning will only display if:
The URLs include input fields for passwords or credit card details that will trigger the new Chrome warning. Review your site to see where these warnings will appear, and so you can take action to help protect users’ data.
however we believe this in time will expand to be any page that isn’t served via HTTPS. We have been beating the drum about SSL for about 2 years but now the chickens have really come home to roost and it’s time for all sites to move to SSL.
Moving to SSL
We have done up a quick guide on how to move to SSL here and a post with lots of useful info about SSL setup which will hopefully help get you on your way to implementation. To get started you will need to purchase an SSL cert and then it’s a case of configuring the site to use HTTPS. If you need help in deciding which SSL to choose or in getting your site fully SSL’d then get in touch with us now.
We’ve been configuring SSL certs on client sites for years and will be able to get the SSL in place for your site. Get ahead of the Great SSL Panic of 2017 and contact us to secure your site now!