With 90% of households in the UK having access to the internet, the threat of online fraud and identification theft should not be taken lightly. That’s why Google are stepping up their online security measures.
Earlier this year, Google’s Product Manager of the Chrome Security team announced they would be marking non-HTTPS webpages as “Non Secure”
when a user enters data into a HTTP field or when browsing a HTTP site in incognito mode. That’s in addition to the original warning for when websites collect passwords and credit card details on HTTP.
Google have said that they won’t be stopping there. They plan to eventually show the “Not Secure” warning for all HTTP pages, even outside of incognito mode.
Aside from the obvious poor user experience resulting from the big red “Not Secure” warning in Chrome, Google have also hinted that they provide website’s using HTTPS with an advantage in search rankings. How much of an advantage is unclear, but as Google continues to roll out its “non-secure” plan, it’s very clear that the search giant takes security very seriously and its impact on search rankings may become even greater.
So, if you’re not yet SSL secure, it’s time to jump on-board the HTTPS train, or prepare to be left at the station!
Here’s how to make a website secure in Google Chrome in 4 steps…
1. Purchase SSL
An SSL certificate is a text file with encrypted data that is installed onto your website. This allows data, including user passwords, credit card details and more, to be encrypted and transfer safely between your customers and the website.
You will need to create a CSR (Certificate Signing Request) and purchase a certificate for your domain. These can either be single or multiple domain certificates. We tend to use either Nexcess
, however there are many other providers out there.
2. Install on the server
Once validated, your SSL certificate will be issued ready for it to be installed on your server. If you do not have sufficient web experience, we’d recommend seeking a professional to install on your website.
3. Force HTTPS across your website
To gain the benefits of an SSL certificate, you will need to enforce this across your entire website. Again, if you don’t have adequate web experience, we’d recommend seeking help from a professional.
Alongside changing your internal links and assets, you will also need to ensure that canonical tags are present in the head section of your website to redirect traffic coming in from http:// to https://.
For further details on how to effectively migrate your website across to HTTPS, you can read Google’s handy guide
4. Audit your site
As with all development work, you will need to test your website to ensure that all your web pages are secure. To do this, open chrome and go to your website. Navigate through multiple user journeys from start to finish (e.g. landing page, through to category page and product page all the way to payment), ensuring the green “Secure” label is present in the left-hand side of the URL box.
You will need to ensure that all links, images and files are not linking to the HTTP version, otherwise your page will flag as being unsecure.
And that’s it, your 4 step guide to installing your SSL certificate and making your website secure on Chrome.
If you’re looking to make your website secure and would like help installing your SSL, then get in touch with us today. We’ve got a team of experienced web developers and SEO professionals
to ensure your migration goes swimmingly.
Call our friendly team on 01604 696385 or email email@example.com
for expert advice.