Google Chrome to highlight insecure websites with forms in October 2017

Published by Xeno Media Staff
on September 12th, 2017

Late last year, Google announced their mission to make the web more secure in their Security Blog post Moving towards a more secure web.  Google has been promoting the security, speed, and SEO value of Secure Socket Layer (SSL) for over a year and are now using the Google Chrome browser to further awareness.

In a post on the Chromium Blog titled Next steps toward more connection security, they stated:

"Beginning in October 2017, Chrome will show the “Not secure” warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode."

If your site has any sort of form, even a simple contact form, or if users are logging into your site using the Chrome browser, this affects you.  They continue:

"Eventually, we plan to show the “Not secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS!"

We have moved a majority of our clients to HTTPS.  We'd love to help you get moved over too!

Recommend Options for an SSL Switchover

Switching over to HTTPS from HTTP is relatively easy:

  1. Acquire an SSL certificate from an established authority.
  2. Configure the SSL certificate
  3. Add a global redirect from HTTP to HTTPS and make necessary adjustments to your CMS.
  4. Test.
  5. Crawl looking for HTTP hard coded links and images and correct.
  6. Update external links that you have control over to HTTPS to maximize SEO.

Options for getting an SSL Certificate

  1. Get an SSL Certificate and install on the server
    Costs will include the certificate, installation of the certificate, testing, and reporting.
  2. Free Shared Certificate from CloudFlare
    By adding any level of CloudFlare to your site and moving the DNS server to CloudFlare you gain a shared SSL certificate for your sites.  This has no certificate cost and a monthly charge only if your needs require a paid CloudFlare plan for particular features. There is some testing and reporting required for this transition.
  3. Free Shared Certificate from Let’s Encrypt
    Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).  This requires root access to the server or a host that provides support for Let's Encrypt and involves installing the certificate on the server and updating that certificate every 90 days.

 

Contact us today to switch your site to SSL

 

 

Photo by Tabby Guarnieri on Unsplash

Google Chrome to highlight insecure websites with forms in October 2017

In October 2017, the Google Chrome browser will begin to show the "Not secure" warning when a user enters any type of data on an HTTP page.  This includes search forms, login screens, contact forms, etc...  The time is now to switch to HTTPS if you haven't already!

Work with Xeno Media

We know you'll judge us by the company we keep. That's just the way we like it. We would love to hear from you. If you would like to discuss your project, please call us at 630.599.1550 or fill out our Contact Form.

Contact Us

18W100 22nd Street
Suite 103A
Oakbrook Terrace, IL 60181
630.599.1550 View Map

Signup for our Newsletter!