Google Chrome SSL Security Update Affects Non-Secure Websites
In July of 2018, the Google Chrome update will cause non-secure sites (websites with no SSL certificate) generate a message that the site is NOT secure and make the visitor click to agree to browse the insecure site.
What you need to do to prevent the security warning on your site
While an SSL certificate is not required for your website to function properly, the Google Chrome security update will begin to highlight non-secure sites in a very blatant way that will make it look like your un-secured site is not legitimate.
To avoid the security warning that Google Chrome will display on non-secure sites, you’ll need to acquire an SSL certificate and install it on your site. Most businesses have one domain name and can purchase a simple SSL that covers a single site. If your site has multiple subdomains (shop.yoursite.com; files.yoursite.com; forum.yoursite.com) you’ll need a wildcard SSL that will cover all of the subdomains.
There are companies that offer a free SSL certificate that can be installed manually on some hosting sites. However, the free option is difficult to manage on some of the larger hosting company sites and needs to be updated on a regular basis.
SSL Costs and Installation
To avoid headaches, I recommend purchasing an SSL certificate directly from your hosting company (the company that you pay to “park” your website). An SSL certificate should cost between $75 and $150 per year for a single site. A ‘wild card’ security certificate that protects all of your sites subdomains starts around $225.
Some hosting companies like GoDaddy make installation easy; once you purchase the certificate you choose the site you want it installed on and all the coding work is done automatically. This is a huge time- and cost-saver over other hosting companies that require you to manually upload co
The manual work required with some hosting companies is something you’ll most want to contact your developer to handle for you. If your website is built in WordPress and has plugins installed, you’ll need to make sure the new secure pages are working with the plugin. In addition, if your site has any hard-coded internal links using ‘http’ in the address, an audit may need to be done to make sure the links are updated or are redirecting properly for the secure pages.
The free SSL Certificate 0ption
If you’re tech-savvy and want to try the free option for your SSL certificate, check out Let’s Encrypt (https://letsencrypt.org/). Depending on your hosting company, this could be a good choice, but be aware that sites hosted on some of the larger companies like GoDaddy don’t make it easy to use the free option. You should also expect to have to update the SSL certificate code on your site every 3-6 months when using the the free option.
SSL Certificates are intended to make the internet safer
Although it seems like it’s just another way for internet companies to make money, an SSL security certificate is designed to ensure that the data sent and received from your computer to the site you’re browsing is encrypted and securely transmitted. The web is full of malicious sites that look legitimate but are set up by illegitimate companies in an effort to capture your data.
Having an SSL certificate on the site not only encrypts the data being sent and received, but also ensures the site owners have gone through the process of applying for and implementing the security protocol. The Google Chrome security change will make it very obvious to visitors that the site they’re visiting may not be legitimate.
To avoid being classified as a potentially insecure site, get your SSL certificate installed on your site as soon as possible.
Having an SSL certificate correctly installed will give you an advantage over your competitors who don’t have theirs yet. Take action now so you don’t end up with visitors seeing site warnings when landing on your page.