With the release of Chrome 68, Google started displaying a not secure warning for HTTP pages. You’ve probably seen this warning already.
Since January 2017, Google has been working on making Chrome safer for its users. The warning tag first applies to all HTTP pages that contained password or credit card fields. Later on, the following pages also started seeing the not Secure warning on HTTP pages:
- You interact with any input field.
- The page contains a password field.
- You are browsing in Chrome’s incognito mode.
If any of these conditions is met, the page gets the warning badge.
For online store owners, it reads like that: If your website or some of its pages run on HTTP, your customers will see the warning. This might make them feel doubtful about making a purchase. Remember that Chrome remains the most popular browser, so a lot of your customers can see the badge.
Will my website get the not secure Chrome badge?
Open Google Chrome and enter your website URL address. If you see the secure badge, you’re fine. That means your website runs on HTTPS, and all data that your website sends to the server and back is encrypted, i.e secure. You’re fine.
If you see http:// (without s) in your site address and do not see the secure badge — you are affected. Continue reading to find out how to react.
Does Ecwid work on HTTPS? Is it enough?
Your Ecwid store is protected in a number of ways:
- All store pages run on an HTTPS connection. Store data is transferred using an encrypted protocol.
- Ecwid doesn’t store credit card information itself. Instead, it’s integrated with reliable payment gateways.
- Ecwid is PCI DSS certified. It is the gold standard for
e-commercesolutions worldwide. Large banks have a certificate of the same level.
However, if you’ve installed Ecwid on your website that runs on HTTP, the not secure badge will still appear. It happens because the browser sees your site as an HTTP
With the new rules getting stricter, we recommend you to switch to HTTPS as soon as possible, particularly as it’s more affordable than ever before.
How do I avoid the not secure Chrome badge on my website?
To make your website look and work securely, you need it to run on HTTPS. Depending on the type of website, you can do it several ways.
Ecwid Instant Site: The entire website is already on HTTPS. You’re fine, no action is required.
Sitebuilders like Wix, Weebly, Squarespace: Enable your SSL certificate in the settings. You can refer to the sitebuilder documentation or support to find out how.
- Create a free account at Cloudflare and switch your site to HTTPS easily, or
- Buy and install an SSL certificate to your site manually. Learn more →
More resources on HTTPS
Earlier on the blog, we published a detailed blog post about HTTPS. It covers:
- How exactly HTTP and HTTPS work
- What types of SSL certificates exist and what the difference is between a $60 certificate and a free one
- Other benefits of HTTPS
Even if you don’t have a tech mind, this guide will make sense. 😌
Read the post here: How to Use HTTPS Protocol and SSL Certificates to Protect Your Online Store
Do you want to learn more about cyber security for ecommerce?
- The State of Ecommerce Payment Security
- How to Use HTTPS Protocol and SSL Certificates to Protect Your Online Store
- 8 Steps to Protect Your Store Against Cyber Threats
- Your connection to this site is not
secure-What Does It Mean? How to Fix It?
- Ecommerce Fraud: How to Protect Your Store From Online Shopping Scams