Google update for non-HTTPS websites

There has been a lot of noise recently regarding the changes that Google are making to Chrome, and that websites that are non-HTTPS will show as unsecure in the Chrome browser.

Website security is of vital importance and this move by Google seeks to protect website users.

The first stage in the Chrome update will be to flag HTTP websites that allow a log in (client area, payment etc) as not secure. All Ascensor websites where a log-in is possible have always been covered by a secure certificate, making them HTTPS.

During the course of 2017, Google will be rolling out further updates that will eventually mean that all websites must be HTTPS.

If your website does not allow log-in, or take passwords then there is no immediate panic – despite what some of the emails we have seen would have you believe.

Website security is important and we are now recommending that all website owners move to HTTPS, however this can be done as a staged approach over the next few months.

Here’s some more info on the update:

Google Chrome Update

At present, Google Chrome is using version 53 of their web browser however they are expected to release version 56 of the Chrome web browser by the end of January 2017.

This upgrade will involve a significant change in the way Google Chrome displays websites that are collecting passwords and are not https://... If your website is not https:// (including WordPress sites) then this updated version of Chrome will mean a message will appear in the location bar saying ‘Not Secure’ on pages that contain sensitive input fields that collect passwords or credit card details. This will have obvious implications to the website trust.

Google have said that this will also affect incognito mode, as people browsing Google Chrome in incognito generally have an increased expectation of privacy which is why all non-https pages will be labelled as ‘Not Secure’. The purpose of Google’s roll-out of this update is to encourage websites to increase levels of website security and protect users details.

If your site is not https and you have a log-in or payment facility…

By the end of January 2017 your website should be made secure to avoid the warnings – this does not affect any Ascensor clients.

If you do not have a log-in facility or take payments…

You should plan to move to HTTPS – Ascensor clients will shortly be receiving a notification email regarding this simple process.

If you have any concerns then please do not hesitate to Contact us today and speak to our support team who are on-hand to answer any questions you have.

Have you read...