As of 2 weeks ago, GOOGLE CHROME 56 has begun rolling out across the entire internet; on Windows, Mac and Linux.The latest version of the world’s most used browser brings with it a number of new security features. One of these “security features” may pose a serious threat to your website.
If you are not using the HTTPS protocol (also known as SSL), the new security feature may confuse your website visitors (and surprise you if you’re not expecting it). Any site that is not running HTTPS will have a message appear in the location bar of their browser that says “Not Secure” on pages that collect passwords or credit cards.
It’s A Bigger Problem Than Just Passwords and Credit Cards
“So what”, you say? You don’t collect passwords or credit cards on your website (or on most of the pages of your website)? This still applies to you! Read on.
Reason #1 to Pay Attention
You site actually MAY be set-up to collect secure data even without your knowledge. Many websites have an option to “turn on” user accounts, secure logins, etc. Even in the “turned off” mode, Google Chrome MAY flag your page/site. If so, this may cause your website visitors to mistakenly believe there is some sort of security risk on your website when they see this warning.
Reason #2 to Pay Attention
This is just one more step in a staged rollout which will eventually label ALL non-HTTPS pages as “Not Secure”. Google has not announced a date for this yet … but it is coming.
A Special Warning to WordPress Site Owners
Many wordpress sites use a variety of plug-in which may be running code in the background that will trigger this behavior – whether you are collecting secure information or not. At this time, there is no way to “fix” this issue in WordPress and, if history can be our guide for how and when this will be resolved … it’s going to be a problem for quite some time. This, essentially may force the hand of all Worpress site owners to purchase SSL certificates or be flagged as Not Secure.
So What Is The Solution?
It may be time for all businesses and organizations to launch an encrypted SSL certificate to protect your website and your website visitors. DotCom, of course, will be happy to get this set-up for you. Pricing is somewhat variable as there are often promotions on SSL certificates which can save you on set-up fees and/or annual costs. Additionally, depending on the configuration of your website, some recoding of the site MAY be required. It is best to contact us to get a quote for your specific situation.