Does your website collect sensitive visitor information such as passwords, credit card details and other personal data? If so, Google may be flagging your website as unsafe. As of October this year, websites without HTTPS and SSL are being penalised and marked as non-secure on Google Chrome – even if they don’t collect sensitive information.
So, what is HTTPS?
The protocols for passing information, such as login and credit card details, between web servers and clients, is known as HTTP (HyperText Transfer Protocol) and HTTPS (HyperText Transfer Protocol Secure). With a standard HTTP connection, it is possible for unauthorised parties to hijack and observe the data being transferred between your visitors and your website. An HTTPS connection, on the other hand, will encrypt the data using an SSL certificate (Secure Sockets Layer) preventing it from being visible to any third parties – keeping both your visitors and your website safe.
What does this mean for your website?
If you do not have an SSL certificate, your visitors will receive a notification warning them that your website is not secure and their data is vulnerable to attacks – this isn’t a great way to keep visitors coming back! Likewise, it means you are also vulnerable to attacks by third parties, and the data you store on your website could become compromised.
How can you secure your website?
There are two easy ways you can check your website to see if it is secure:
- In the URL bar, there will either be a padlock or the word ‘Secure’.
- The URL says, “https://”.
If your website is displaying either of these indicators, you and your visitors are safely connected through an HTTPS connection.
If your website isn’t showing any indication that it is using a secure connection, then you will need to obtain an SSL certification and enable it. You can contact your web hosting for more information on how to do this or feel free to reach out to us, and we can sort it for you.