Is your website marked as ‘Not Secure’? This is what to do about it.

MarketingWebsite Design

In this article we explain why you are receiving the “Not Secure” error when browsing a site via Chrome and Firefox, what it means to you as a site owner and what you need to do to in order to secure your site.

Since the beginning of this year Google Chrome has started identifying and calling out sites that contain an unencrypted connection as “Not Secure” within the URL bar. According to WIRED this move has flipped the convention of how Chrome displays the security status of sites in its head. Previously, secure sites that used HTTPS would feature a green lock before the URL with the word “Secure” and HTTP sites had a small information icon which stipulated that “Your connection to this site is not secure – You should not enter any sensitive information on this site (for example, passwords, credit cards), because it could be stolen by attackers.” with the wording “Not Secure”.

This particular warning is definitely worth paying attention to seeing as any information, especially sensitive information can be “hijacked” by an attacker (otherwise known as a hacker). This is an important securirty risk to keep in mind as digital hacking is on the rise; The “Master Deeds” incident as reported by TimesLIVE in late 2017 exposed more than 30 million South African Identity numbers, names, ages, gender, ethnicity, home ownership, contact information and in some cases their estimated income, directorship and employer information. Earlier in the same year there was a hack of Ster-Kinekor’s website, which put more than 6 million accounts at risk, Business Day reported. Not to forget the Facebook/Cambridge Analytica data scandal which compromised 96,000 South African users. Other issues that arise when using HTTP encryption include lack of privacy, trust and occasionally penalties on SEO.

When coming to HTTPS sites however, you are being protected as an end-user and site owner as the HTTPS protocol protects the connection between you and the site, regardless of the content. Sites that are HTTPS encrypted not only protect your privacy, but they also protect your sensitive information by acting as a protective wall between you and the rest of the world. At Cognite, we have also found added benefits to having an HTTPS encrypted connection which include the fact that browsers and search bots favour HTTPS sites, benefiting the site owner through SEO.

We noted that with older websites, site owners are not armed with the information required to migrate their website over to this secure platform thus suffering under the pressure added on by Google and Google Chrome.

Thus, bringing us to the denouement of this article, as site owners you need to contact your service provider as you will require a security certificate that allows you to activate the HTTPS option for your site. Some hosting providers offer this certificate free of charge as part of your hosting packages, however others require payment for the certificate.

Once your hosting company has activated the security certificate you’ll need to jump into the nitty-gritty work that can make or break your site. You’ll need to force your site to display the HTTPS connection by redirecting all the URLS within the site to the new connection by the use of 301 redirects. Your service provider might be able to assist you with this particular step but you may need to request assistance from your website designer / developer if you’re not exactly tech-savvy.

The next step is getting the website verified by Google, you can do this through the Google Console platform by adding a new property with the site URL and request Google to crawl the site which tests to see if a Googlebot can access and scan your pages.

This process does impact the website’s traffic readings temporarily as it’s being migrated across to a more secure connection. The good news though is once the website has been transferred over then you will no longer receive the error that’s plagued you for some time.

It is in your best interest as a website owner to embrace the migration towards HTTPS encryption. You are not only securing your site and its visitors, but you will also be improving your ranking on google, no matter what browser people are using to visit your site. Get in touch today to see how Cognite can help you and keep you a step ahead of your competitors.