Day by day, we are moving toward a more secure web as website owners are now adopting HTTPS encryption for their websites. Previously, the HTTPS was used for several purposes like payment transactions, emails, account login etc. But over the last year, HTTPS has been used more often by websites to keep communications and personal information transmission secure. Google is encouraging the use of HTTPS and releasing new updates frequently on their Google Chrome web browser.
Let’s analyze the recent Google reports to know the usage of HTTPS on Google Chrome.
As per Google’s recent progress reports, following growth has been identified in the HTTPS usage.
- Over 68% of Chrome traffic on both Android and Windows is now protected
- Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
- 81 of the top 100 sites on the web use HTTPS by default.
HTTPS is now becoming a normal than an exception. In Google’s opinion, the users should expect that the web is safe by default and they should be warned if there is an issue.
What Changes has Google Chrome introduced?
Google is planning to remove Chrome’s positive security indicators so that the default unmarked state is secure. In order to encourage the site owners to switch toward the HTTPS, Google starts marking all HTTP pages as “Not Secure” from July 2018 (Chrome 68).
Google will roll this out over time, starting by removing the “Secure” wording and HTTPS scheme in September 2018 (Chrome 69). Eventually, in October 2018 (Chrome 70).
(Eventually, in Chrome 70)
Google will start showing the red “not secure” warning when users enter data on HTTP pages.
What should you do to switch your website to HTTPS?
To switch your website to HTTPS to avoid “Not Secure” Red padlock in Chrome, you should install SSL certificate for your website. You can purchase an SSL certificate from here
Actions after the installation of an SSL Certificate:
After installation of the SSL certificate, you should make some changes to avoid a bad impact on the website traffic or Google ranking.
Use Redirect Rules:
Redirect all HTTP requests to the HTTPS permanently (301 redirects) for your website by the redirect rules in web server. Please refer to this article.
Set HTTPS as a default protocol for your website:
In CMS and eCommerce based websites like WordPress, Joomla, Magento, Drupal, you need to set the default website URL with HTTPS. All content must be referenced via the HTTPS.
To add images, CSS stylesheet, etc. on your website, use Relative URLs for the internal data references in your code. But if you are using Absolute URLs, make sure that all of them are referenced by the HTTPS URLs only.
<img title=”Example Image” src=”web-images/ram_flat.png” alt=”Example Image” />
<img title=”Example Image” src=”https://www.example.com/web-images/ram_flat.png” alt=”Example Image” />
Update meta tags and all the links:
Ensure that all the canonical tags and hreflang tags are pointing to the correct HTTPS URLs
Update all the Internal links and other links you can control such as Social media profiles, to point directly to the HTTPS website.
Google is aiming to provide a safe browsing to the users and HTTPS is a secure way to avoid data manipulation or theft over the internet. Google’s remark is highly considered by most of the Internet users. So, you should update the website with SSL certificate and be ready when Google Chrome 70 rolls out.
Get SSL Certificate on your website before it is too late.