Google’s downgrading of HTTP sites in Chrome
As of July 1st 2018, Google’s Chrome browser will see sites without TLS security built in as ‘not secure’ and rank them below sites that do have security. Those sites’ URl’s start with HTTPS vs HTTP. Data sent using HTTPS sites is secured using Transport Layer Security protocol (TLS), which provides three kinds of protection: Encryption, Data integrity, and Authentication. There are other reasons they’re doing this, but it’s primarily for the protection of Google’s users.
Is your site “secure” in Google’s eyes?
If you’re not familiar with what I’m talking about, do a search right now. Just put Google.com, Facebook.com, any well-known established site address in the search bar and notice the s after http in the URL where you end up. That s means there’s encryption going on in the background that makes data on that site much safer, much harder to hack or steal. Now look at your site and see of there’s an s in your website address. If not, going forward Google will treat your unsecured site less lovingly in the rankings.
How do you get an SSL?
First, talk to whoever is hosting your site and ask for it. If you’re with a good hosting provider they have already done it for you. Some will make you pay for your SSL, some won’t.
The primary problem I’ve seen people have when adding encryption is broken links. Because your address changes from HTTP://www.youraddress.com to HTTPS://www.youraddress.com some links may have been broken. That’s less prevalent than it was a year ago, but it can still be a problem. It all depends on the platform your site is built in, the size and complexity of your site and who is hosting it.
So after you’ve added the s, make sure your links are all working. A great free tool for that is SEO Spider from ScreamingFrog and I have a link to that in the text below. I also included a couple of links to other articles on the topic in the text below.
It’s not a force field
Remember that this change vastly improves the security of the data going into and out of your site. It’s not a force field around your site. Your site is still vulnerable to a wide range of attacks.
Thank you for watching. I am looking forward to talking to you again soon.