How To Fix the HTTPS “Not Secure” Message in Chrome

Fix the HTTPS Not Secure Message

Over the past few months, you’ve probably noticed that more websites are labeled as “Not Secure”. Last October, Google’s Chrome browser began labeling websites that have not yet switched from HTTP to HTTPS with this message.

HTTPS is the industry standard for encrypting data on the web. HTTPS offers an added layer of protection and is considered the best way to prevent unauthorized access of sensitive information. Using HTTPS ensures that your website visitor’s information is being sent across the web in a more secure manner. If you’re dealing with monetary transactions, HTTPS is a must.

Increasing Security on the Web

This change is part of a larger effort by Google to create a safer web. Last January, Google began using “Not Secure” notifications for HTTP websites that collected passwords or credit card information.

Google’s latest upgrade includes a “Not Secure” message when using Incognito mode or when inputting data on an HTTP website. This warning appears at the top of the webpage, immediately to the left of the web address.

This update is part of Google’s release of Chrome v.62. It is intended to prevent users from gaining access to sensitive information. However, even HTTP websites without security issues will be affected by this change.

How Chrome v.62 Affects Your Business

Google’s update creates a lot of problems for businesses. When visitors see that a website is not secure, they are less likely to stick around. This can lead to the loss of potential customers and revenue. In addition, losing traffic to your website can hurt your search engine rankings.

Google has stated that it gives HTTPS websites a ranking advantage in its search algorithm. Websites are being rewarded for implementing HTTPS site wide. The company plans to one day show the “Not Secure” notification on all HTTP websites.

Some Examples Of Sensitive Data That Should Be Encrypted:

  • Contact form data: name, address, e-mail, phone, etc.
  • Login data: username, passwords, and e-mail addresses.
  • Payment information: credit card numbers, banking information.
  • All website form data.
  • Customer documents.

Transitioning Your Website to HTTPS

Businesses looking to avoid customer loss and improve search engine rankings will need to transition from an HTTP to an HTTPS domain. This is the only way to fix the “Not Secure” notification. The process of switching to HTTPS is complicated and time-consuming. Inadequate execution can have a negative effect on existing search engine rankings.

The HTTP to HTTPS Transition Process

At a high-level these are the steps most websites need to take to implement HTTPS.

  1. Backup website. Whenever you make changes to your website, it’s always worthwhile to run a full back-up.
  2. Purchase an SSL certificate. You can get an SSL from your domain registrar (GoDaddy, Network Solutions, etc.)
  3. Install the SSL certificate on your website’s hosting account.
  4. Activate the SSL certificate.
  5. Make sure that any embedded website links are changed from http://www.yourdomain.com  to https://www.yourdomain.com so they are not broken after you changer over to https.
  6. CDN (Optional): Ensure your CDN supports SSL as well.
  7. Set up 301 redirects from HTTP to HTTPS so that search engines are notified that your site’s addresses have changed and so that anyone who has bookmarked a page on your site is automatically redirected to the https address after you flip the switch. No one likes clicking on dead pages in the search results.
  8. Update robots.txt file
  9. SEO: Update Google Search Console, Google Analytics and submit XML Sitemaps

Conversion Pipeline understands the complex challenges faced by businesses today. We are well prepared to help you make the switch to HTTPS. This frees up your time so that you can focus on other important aspects of your business. It also protects your search engine rankings, builds trust and credibility with your visitors. Please contact us to learn more.

Michael Delpierre