All HTTP Sites Will Be Marked Non-Secure on October 27
Posted Oct 6, 2017 by Matt Kuritsyn, Ecwid Team

All HTTP Sites Will Be Marked Non-Secure on October 27  Here’s What You Should Do

On October 27, a new version of the Chrome browser will be introduced. Google warns that they’ll further develop the “not secure” warning for HTTP pages. You’ve probably seen this warning already.

Since January 2017, Google has been working on making Chrome safer for its users. The warning tag already applies to all HTTP pages that contain password or credit card fields. Now more pages will be affected.

In the new version, you’ll also see the “not Secure” warning on HTTP pages when:

  • You interact with any input field.
  • The page contains a password field.
  • You are browsing in Chrome’s incognito mode.

If any of these conditions is met, the page will get the warning badge.

For online store owners, it reads like that: If your website or some of its pages run on HTTP, your customers will see the warning. This might make them feel doubtful about making a purchase. Remember that Chrome remains the most popular browser, so a lot of your customers can see the badge.

Will my website get the “not secure” Chrome badge?

Open Google Chrome and enter your website URL address. If you see the “secure” badge, you’re fine. That means your website runs on HTTPS, and all data that your website sends to the server and back is encrypted, i.e secure. You’re fine.

If you see http:// (without “s”) in your site address and do not see the “secure” badge — you are affected. Continue reading to find out how to react.

Does Ecwid work on HTTPS? Is it enough?

Your Ecwid store is protected in a number of ways:

  • All store pages run on an HTTPS connection. Store data is transferred using an encrypted protocol.
  • Ecwid doesn’t store credit card information itself. Instead, it’s integrated with reliable payment gateways.
  • Ecwid is PCI DSS certified. It is the gold standard for e-commerce solutions worldwide. Large banks have a certificate of the same level.

Ecwid works on HTTPS

However, if you’ve installed Ecwid on your website that runs on HTTP, the “not secure” badge will still appear. It happens because the browser sees your site as an HTTP non-secure site, even though the customer data is processed via HTTPS.

With the new rules getting stricter, we recommend you to switch to HTTPS as soon as possible, particularly as it’s more affordable than ever before.

How do I avoid the “not secure” Chrome badge on my website?

To make your website look and work securely, you need it to run on HTTPS. Depending on the type of website, you can do it several ways.

Ecwid Instant Site: The entire website is already on HTTPS. You’re fine, no action is required.

Sitebuilders like Wix, Weebly, Squarespace: Enable your SSL certificate in the settings. You can refer to the sitebuilder documentation or support to find out how.

Self-hosted websites (WordPress, Joomla, or custom-built website on your own server). You have two options:

More resources on HTTPS

Earlier on the blog, we published a detailed blog post about HTTPS. It covers:

  • How exactly HTTP and HTTPS work
  • What types of SSL certificates exist and what the difference is between a $60 certificate and a free one
  • Other benefits of HTTPS

Even if you don’t have a tech mind, this guide will make sense. 😌

Read the post here: HTTPS: How to Increase Search Engines’ and People’s Trust

About the author
Matt is a product manager at Ecwid. He works with the Ecwid dev team and helps them shipping the right features for Ecwid merchants. Outside of work, Matt likes travelling and climbing the mountains.
We use cookies and similar technologies to remember your preferences, measure effectiveness of our campaigns, and analyze depersonalized data to improve performance of our site. By choosing «Accept», you consent to the use of cookies.