This is a quick post to let you know about an important change that Google are making to their web browser Google Chrome. You may have noticed the new Not secure notice at the top of your browser in the url bar on some websites:
Chrome’s latest updates adds the notice to all pages which have a login area, request passwords or take credit card details. Ultimately Chrome will show all websites as non-secure that don’t have a security certificate regardless of needing a password. Chrome is the most popular web browser with 73.7% of all web traffic being viewed on it but It’s quite likely that the other web browsers will also follow suit in the near future. You can read more about the change on Google’s blog.
To secure your website and remove the Non-secure notice you will need to install an SSL security certificate.
What exactly is an SSL security certificate? I hear you ask. SSL certificates are little data files that connect a cryptographic key to an organisation. When installed an ssl security certificate activates the https:// at the beginning of your domain name and allows secure connections from a web server to browsers. Generally SSL is used to secure things like credit card transactions data transfer or logins, you often see them used on social media sites and when you make a payment via Paypal.
Websites without SSL security certificates will continue to work as normal but the non-secure notice may put people off of login in. Even though most eCommerce stores use payment gateways like Paypal which navigate clients away from your website to take payment on their own secure server and don’t store credit card or payment details on your server that nagging notice may put people off from getting that far. It will also effect membership site and blog comment login areas.
SSL security certificates normally cost around £30 a year +, however the non-profit Internet Security Research Group (ISRG) have started https://letsencrypt.org/ where you can get a free SSL security certificate.
You will need to make some alterations to the .htaccess file to force browsers to use the secure route and insure the site is only accessible through the secure gateway. You’ll also need to update the path to all media files and images throughout the site. When everything is done correctly your site will appear with a Secure notification and a little green padlock like this:
If you’re interested in installing a security certificate for your website and would like our help we can manage the process for you for and are currently offering the service for a one of fee of £50 to our existing clients. If you’re not already one of our clients but would still like our help get in touch we’ll take a look at your site and quote you a one off fee.