WARNING! Your website is “Not Secure”

January 17, 2017

This is a very quick blog post but an important one.  A few minutes ago I got this delivered in my inbox:

What's Going On?

Well, the information above is from WordFence, the security plugin. They really know what they're talking about, so it's a trusted source with trusted advice.

For a while now, Google have asked that people requesting any information has what's known as an SSL certificate. I actually wrote about this about 7 hours ago in my earlier blog post, before I had this information and it now looks like the clock is ticking on websites that don't secure themselves.

What's happening is that Google is placing the message "Not Secure" in their Chrome browser if you have not secured your site with an SSL certificate and you direct a user to a page with a 'password' field or 'payment information' field.

The certificates have been used for years to make sure users are secure when they are shopping online. You'll probably know it best as the little padlock that appears on browsers when you're shopping.

Until recently, non-shopping sites really didn't need them as there was little interaction between the user and the website, with most sites being brochures for the businesses involved. But, with the increasing collection of personal information, those barriers are breaking down.

What does this mean for me?

If you have a website that people can log in to, you need to make sure it has an SSL certificate. If you are collecting payment information, you need to make sure you have an SSL certificate. If you are requesting a password for any other reason, you need to make sure you have an SSL certificate.

My personal feeling is that every site now really should have an SSL installed so that you are future proofing your site from any ramping-up of this practice.

Must I, really?

Well, it's up to you. I'm really talking about best practices here but I would recommend it to anybody having a new site done because it can all be done as part of the process.

Isn't it expensive?

No... It used to be but recently Let's Encrypt has come along, offering free SSL certificates. These certificates are also supported by CPanel, Plesk and increasingly the third party hosting environments. It should be relatively cheap and stress free.

In Conclusion

The clock is ticking on this a little faster than I first thought it would be in my other article today.

Taking the bull by the horns now is worth while, even if you don't currently have those facilities on your website because it makes sure you're secure for the future. It won't hurt you doing this either way and it will make your visitors more secure.

Most importantly, talk with your web designer. They will have a much better idea of your setup and can advice further but don't wait until it's too late!

Sign-Up To Receive News & Special Offers 

Mailchimp Signup
You're signing up to receive news about digital marketing from me. I will also send out information about products if I think there is something you would be interested in, or a special deal. Full disclosure, those emails will have my affiliate links in but I promise all products will be properly vetted. You'll be able to unsubscribe at any time using the link in each email. Check out my privacy policy for more information.

Steve Mellor