Starting in October of this year, the Google Chrome browser (62) will be showing your visitors a “NOT SECURE” warning, when users try to enter any text into a form on your website that isn’t protected by an SSL certificate.
How do I know? Because email warnings started going out this week directly from Google Search Console to website owners, and they look like this…
Will you Be Affected?
It’s easy to figure out… When you look at your website, does the address bar show http:// or does it show https:// ?
If you type in https:// before your domain name, does the site still load fine? If not, then yes, you’ll be affected, and so will your visitors.
Is SSL Even Necessary? Is Anyone Really Being Protected?
That’s really a moot point, isn’t it? If Google Chrome is going to start warning people off your site, then Firefox and other browsers won’t be too far behind. If people are going to see warnings telling them that your site is insecure, then you bet it’s necessary! Here’s what Google says about SSL
What Should You Do?
The only “solution” is to get a security certificate installed on your website, and to do it before October. Depending upon your webhost, this process might be simple, but it also might not, so you should begin the process right now.
Contact Your Web Developer
Most web designers have known this day is coming for a long time, and should have a quick answer for you as to how much it might cost, and how long it might take them. Contact them now though, so they can complete the job before their warnings begin.
Contact Your Web Host
If you maintain your own site, and you don’t have a developer, you should give your web host a call on the phone. Different hosts have different implementation options and prices. Depending on their own infrastructure, some web hosts might help you enable SSL over the phone with one of several Free SSL providers. Others will have a complicated process that can cost a few hundred dollars. Either way, you need to find out now, so you can either implement SSL on your current host, or move your site before October.
Do it Yourself
If you’re the DIY type, you should know that it’s easy – really easy – to set this up if you know exactly what you’re doing. As long as you have an email address in that domain, even in the most complicated hosting environments, you can do it yourself in under an hour once you know the steps.
- Generate an SSL request from your current web host.
- Use one of many SSL providers to obtain the certificate.
- Install the SSL Certificate at your web host.
- Make the necessary changes to your website.
If that doesn’t sound too intimidating, then good for you. If you have an hour or more to spend working it out, then I’d urge you to take action today.
Use Cloudflare SSL For Free
If that DOES sound intimidating, AND you use WordPress, AND have access to your domain registrar, there’s a very easy way you can do it in just a few minutes. It’s with a free service called CloudFlare, and these are the steps.
- Get a free Cloudflare account.
- Install the Cloudflare Flexible SSL plugin.
- Change your Name Servers at your domain registrar.
- Use the Better Search replace plugin to change the database
Rather than go through all the steps, here’s a 5 minute video…
Change to a Web Host Offering Included & Installed SSL
The last option, and maybe the easiest, is to actually move your website onto another web host that offers free SSL included with your hosting account. There are quite a few, including InMotion*, Bluehost* and my personal favorite, WP Engine*.
Now is The Time to Get Secure
This move is *not* a surprise, and we’ve known for years that this was coming. Google even announced their intention way back in 2014. Now, that time has arrived, and you MUST take action. You simply can’t wait any longer.