Google Chrome to highlight insecure websites with forms in October 2017

Published by Jim
on September 12th, 2017

Late last year, Google announced their mission to make the web more secure in their Security Blog post Moving towards a more secure web.  Google has been promoting the security, speed, and SEO value of Secure Socket Layer (SSL) for over a year and are now using the Google Chrome browser to further awareness.

In a post on the Chromium Blog titled Next steps toward more connection security, they stated:

"Beginning in October 2017, Chrome will show the “Not secure” warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode."

    If your site has any sort of form, even a simple contact form, or if users are logging into your site using the Chrome browser, this affects you.  They continue:

    "Eventually, we plan to show the “Not secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS!"

    We have moved a majority of our clients to HTTPS.  We'd love to help you get moved over too!

    Recommend Options for an SSL Switchover

    Switching over to HTTPS from HTTP is relatively easy:

    1. Acquire an SSL certificate from an established authority.
    2. Configure the SSL certificate
    3. Add a global redirect from HTTP to HTTPS and make necessary adjustments to your CMS.
    4. Test.
    5. Crawl looking for HTTP hard coded links and images and correct.
    6. Update external links that you have control over to HTTPS to maximize SEO.

    Options for getting an SSL Certificate

    1. Get an SSL Certificate and install on the server
      Costs will include the certificate, installation of the certificate, testing, and reporting.
    2. Free Shared Certificate from CloudFlare
      By adding any level of CloudFlare to your site and moving the DNS server to CloudFlare you gain a shared SSL certificate for your sites.  This has no certificate cost and a monthly charge only if your needs require a paid CloudFlare plan for particular features. There is some testing and reporting required for this transition.
    3. Free Shared Certificate from Let’s Encrypt
      Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).  This requires root access to the server or a host that provides support for Let's Encrypt and involves installing the certificate on the server and updating that certificate every 90 days.

     

    Contact us today to switch your site to SSL

     

     

    Photo by Tabby Guarnieri on Unsplash

    Google Chrome to highlight insecure websites with forms in October 2017

    In October 2017, the Google Chrome browser will begin to show the "Not secure" warning when a user enters any type of data on an HTTP page.  This includes search forms, login screens, contact forms, etc...  The time is now to switch to HTTPS if you haven't already!

    Work with Xeno Media

    We know you'll judge us by the company we keep. That's just the way we like it. We would love to hear from you. If you would like to discuss your project, please call us at 630.599.1550 or fill out our Contact Form.

    Contact Us

    18W100 22nd Street
    Suite 128
    Oakbrook Terrace, IL 60181
    630.599.1550 View Map

    Signup for our Newsletter!