All HTTP Sites Will Be Marked
Non-Secure on October 27 — Here’s What You Should Do
On October 27, a new version of the Chrome browser will be introduced. Google warns that they’ll further develop the not secure warning for HTTP pages. You’ve probably seen this warning already.
Since January 2017, Google has been working on making Chrome safer for its users. The warning tag already applies to all HTTP pages that contain password or credit card fields. Now more pages will be affected.
In the new version, you’ll also see the not Secure warning on HTTP pages when:
- You interact with any input field.
- The page contains a password field.
- You are browsing in Chrome’s incognito mode.
If any of these conditions is met, the page will get the warning badge.
For online store owners, it reads like that: If your website or some of its pages run on HTTP, your customers will see the warning. This might make them feel doubtful about making a purchase. Remember that Chrome remains the most popular browser, so a lot of your customers can see the badge.
Will my website get the not secure Chrome badge?
Open Google Chrome and enter your website URL address. If you see the secure badge, you’re fine. That means your website runs on HTTPS, and all data that your website sends to the server and back is encrypted, i.e secure. You’re fine.
If you see http:// (without s) in your site address and do not see the secure badge — you are affected. Continue reading to find out how to react.
Does Ecwid work on HTTPS? Is it enough?
Your Ecwid store is protected in a number of ways:
- All store pages run on an HTTPS connection. Store data is transferred using an encrypted protocol.
- Ecwid doesn’t store credit card information itself. Instead, it’s integrated with reliable payment gateways.
- Ecwid is PCI DSS certified. It is the gold standard for
e-commercesolutions worldwide. Large banks have a certificate of the same level.
However, if you’ve installed Ecwid on your website that runs on HTTP, the not secure badge will still appear. It happens because the browser sees your site as an HTTP
With the new rules getting stricter, we recommend you to switch to HTTPS as soon as possible, particularly as it’s more affordable than ever before.
How do I avoid the not secure Chrome badge on my website?
To make your website look and work securely, you need it to run on HTTPS. Depending on the type of website, you can do it several ways.
Ecwid Starter Site: The entire website is already on HTTPS. You’re fine, no action is required.
Sitebuilders like Wix, Weebly, Squarespace: Enable your SSL certificate in the settings. You can refer to the sitebuilder documentation or support to find out how.
- Create a free account at Cloudflare and switch your site to HTTPS easily, or
- Buy and install an SSL certificate to your site manually. Learn more →
More resources on HTTPS
Earlier on the blog, we published a detailed blog post about HTTPS. It covers:
- How exactly HTTP and HTTPS work
- What types of SSL certificates exist and what the difference is between a $60 certificate and a free one
- Other benefits of HTTPS
Even if you don’t have a tech mind, this guide will make sense. 😌
Read the post here: HTTPS: How to Increase Search Engines’ and People’s Trust