We at NNE Digital (and by use of the royal we I primarily mean our chief technologist and artisanal coffee expert, Chris) have spent the first half of this year ensuring that all our of our newspaper websites – and all of our customer websites – have been transitioned to HTTPS in advance of the impending release of Google Chrome 68. What’s Chrome 68, you ask, and what does that have to do with HTTPS? And should I be concerned about this for my website? The answer to that last question is emphatically yes. Let’s unpack the other questions in hopefully painless not-too-technical detail.
Google Chrome
Google Chrome is the web browser developed by Google, competing with other web browsers such as Firefox, Safari, Opera and Microsoft Edge/Internet Explorer. Odds are good you’re reading using Google Chrome right now.
Just as Google’s search engine dominates the market over competitors (72.21 percent, via Netmarketshare) such as Yahoo and Bing, Google’s Chrome browser is used by the majority of people in the world right now. According to Statista, by May of 2018 Chrome has achieved almost 66.9 percent of global market share. To put that massive ownership in context, the next most popular browser, Firefox, has only 11.5 percent.
This means that when Google changes the way Chrome interprets websites, developers must follow suit. It It’s similar to search: given the huge Google market share, search engine optimization experts have to worry about making Google happy first.
So What Will Chrome 68 Do Differently?
When Chrome 68 is released this month, it will explicitly mark non-HTTPS sites as “Not secure.” You can see the difference in this image from the Google Security blog:
Now this doesn’t necessarily mean that people won’t visit your website if it’s using HTTP – but it does add a hurdle to their trust in you. Imagine having a police-issued notice on the front door of your shop: “Danger, enter at your own risk.”
Why is Google Doing This?
Google cites three primary reasons for, in essence, forcing sites to switch to HTTPS.
First, HTTPS prevents hackers and other intrusive companies (including ISPs) from tampering with your site – injecting ads or malware for example.
Second, HTTPS helps protect the privacy of your visitors by shielding the information they are sending to or receiving from your site from snoopers.
Finally, HTTPS is required for a number of emerging interactive web technologies that require explicit permission from the user to execute.
At the heart of it, most folks agree, it just makes sense. Especially since the cost of a secure certificate (more on that in a minute) has fallen dramatically over the past decade.
Okay, So What Is HTTPS, Anyway?
Let’s start with HTTP. This stands for Hypertext Transfer Protocol. It’s the way data has long been transferred across the web, allowing both the server and browser to understand each other. You see it at the beginning of a URL: http://www.example.com.
HTTPS is an extension of HTTP that uses a secure layer to encrypt information going back and forth. Currently that encryption is done by Transport Layer Security (TLS). In the past this was handled by Secure Sockets Layer (SSL).
So How Do I Get HTTPS?
The basic steps to migrating your site to HTTPS include getting a public and private key pair, requesting a certificate from a certification authority, and installing the certificate on your server. This grossly oversimplifies the process, but it’s a start. From here, if you aren’t tech support, I’d recommend asking your website provider or hosting provider how you can get started. Some hosting providers help to streamline the process for you. Just be aware that certificate prices can range from free all the way up to several thousand dollars. Doing your research is critical in understanding what you need, what you don’t, and what you should be doing for yourself and what it makes sense to hire out for.
But no matter what certificate authority and service provider you decide on, the decision to move to HTTPS is one you can’t avoid. You don’t want to scare off customers with a warning sign before they have even walked through the front door.
Get A Free Web Health Checkup For Your Business Site
Just provide your website URL and we’ll send you a free report that shows how the web sees your site, and your brand. From reviews and ratings to website speed and mobile optimization, you’ll find plenty of great information to help improve your business’ online reputation. No commitment, no credit card required.