Google Chrome and Recognizing HTTPS
Starting in this July, Google’s Chrome browser will show a warning on all HTTP sites designating these sites as not secure according to The Verge in its new Version 68. Currently, the browser signifies all sites that are HTTP as a neutral information, but starting in July it will provide an extra notification in the address bar. Furthermore, according to the verge Google has been inching users away from using insecure sites and they forcing customers to do so.
The Chrome team announced that 81 out of the Top 100 sites are using HTTPS secure encrypted sites. That means that there is still 19% of the top 100 sites that are not providing a secure experience when a user is visiting their website.
Why is it important to use HTTPS?
Internet privacy is the topic of the year when it comes to users logging in online and making sure that their browsing is secure. Over and over again users are hearing that their data and their information is not secure while they visited a website. HTTPS encryption protects the channel between the users and the website and makes sure that no middle man can enter the channel while they are visiting the website.
If a user has access to the ISP and the Router than they could have access to the user’s computer and implant malware or collect information according to The Verge. So ultimately this new forced HTTPS on Chrome could potentially be a positive thing for users to be able to browse securely on the Internet.
July is Coming Up!
If you are currently using an ecommerce solution or Internet Service Provider that does not offer HTTPS, you are going to have to migrate to an ecommerce service provider that provides the option to migrate over and change your HTTP sites over. Remember that if your customers come to your website starting July they will receive a warning signal. Switching over immediately is pretty vital for your customers to remain loyal and continue trusting using your service.
If your customers believe that they will no longer be able to trust that their information is secure when making a purchase with a credit card than they will be not complete a conversion. Furthermore, if Google is stigmatizing those sites with HTTP than they will not rank those websites as high in their rankings.
If your website is not ranked as high in the search process than you will receive less visitors on your website. Google in their announcement provided a program called Lighthouse to help users migrate over. For our existing SearchFit customers below we have the directions to migrate over your sites to secure HTTPS.
Migration
These are instructions to convert a SearchFit site from HTTP to HTTPS:
- Review active templates and CSS for hard coded calls to HTTP sources. This step can be done manually or by a SearchFit administrator can run a database review. This includes search templates, checkout templates, main templates, product templates, CSS, mobile templates, etc. This review looks for any internal or external hard coded calls to HTTP.
- Review active custom pages for hard coded calls to HTTP sources.
- There may also be a custom js or php script that calls HTTP that will trigger an error after the switch.
- At this point, all HTTP calls should be known and you can move forward changing http calls to HTTPS.
- Keep a copy of the HTTP version of the XML site-map saved somehow as a custom page. This will be sent to Google Search Console.
- Set up redirects. This can be used:
RewriteEngine on RewriteCond %{HTTP_HOST} !^www.yoursite.com [NC] RewriteRule ^(.*)$ https://www.yoursite.com%{REQUEST_URI} [R=301,L] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R=301,L] - You can rewrite and existing 301 redirects that point to HTTP to point to HTTPS.
- Change the destination paths in the User from HTTP to HTTPS.
- Generate the site in HTTPS.
- Set up a new site in Google Search Console for the HTTPS site.
- Send both XML site-map versions. The old version will still have HTTP URLs in it. The new version will have HTTPS URLs in it.
The final step is to contact SearchFit support to request that your config file be switched to HTTPS.
