Google has mandated HTTPS, so get SSL or watch your traffic plummet
Nobody likes to beat a dead horse (unless that’s your thing—which is… weird). But I feel like I would be remiss not remind you that Google is ramping up pressure on website owners who haven’t encrypted yet.
That’s right, coming next month Google will release Chrome 62, and with it comes a new HTTP warning. Whereas before, Google would mark any website with a password field as “Not Secure,” now Google will be warning users about any unencrypted website with any kind of text field on it.
Google Chrome 62 Will Mark “Not Secure” to All HTTP Pages.
Think about it, what if someone sat out front of your storefront and told everyone that was about to go in, “this place doesn’t have security?” You’d have no customers. Incidentally, I got a diner shut down in the 90’s by doing something similar. I… [Editor’s Note: We’re going to omit this portion. Let’s move along, Carl] …and that’s why it’s illegal to put more than two cows in a mobile home in Bulloch County.”
Anyway, Google isn’t messing around.
Why does my website say “Not Secure?”
Because you have a password field on your website and you don’t have encryption. Starting in Chrome 58 Google mandated that all websites with password fields must have SSL and be served over HTTPS. Without SSL encryption, a third party can eavesdrop on connections and steal information—like passwords.
Hence the warning.
And the warning is going to start affecting more websites soon. In Chrome 62 the warning expands to any website with a text field. That could be a subscriber field or a search field. Any website with any kind of field where you can enter text will receive a warning and be marked “Not Secure.”
Next year it’s going to ramp up again and Google will come after anyone without SSL. Any site still served via HTTP will be marked “Not Secure.” It’s the encryption apocalypse. Encrypti-. Enly-. Encropalypse?
How do I get SSL?
It’s not that difficult. Take it from me, I’m not a computer guy and even I can get it. You need to start by ordering an SSL certificate. Then you’ll generate a CSR and send it to the Certificate Authority you purchased the certificate from. They’ll validate you and send you the certificate within a few days.
After that, you’ll have to install it on your server. We have a guide here, or else you can ask one of our experts (I won’t answer – I promise).
Regardless of whether you get it from us, you now need an SSL certificate. Well, I guess you don’t NEED one. You can still have a website without one. But nobody will come to it because it says “Not Secure.” And if you’re running a business you’ll slowly bleed money until you’re forced to close. With no source of income your bills will pile up and you’ll be forced out of your home. Within a few months, you’ll have sold your car and all your possession and you’ll be living out of a shopping cart and picking half-eaten sandwiches out of a gas station Blimpie’s trash can.
So get SSL.
Stay cautious, my friends.