Google reminded website owners that, starting in October 2017, non-HTTPS pages with any kind of fields, like contact forms or search boxes, will display a “Not Secure” warning in the address bar of Google Chrome. This will be warning visitors of HTTP websites that any sensitive information they enter on that site could be stolen by attackers, like in this example from DVWA (Damn Vulnerable Web Application), a website created solely for learning purposes:

Non-secure HTTP website (without an SSL)

Eventually, all pages without an SSL will show the “Not Secure” warning. In order to make an HTTP website secure, you need to switch to HTTPS, by activating an SSL certificate.

 

What is an SSL certificate?

SSL (Secure Sockets Layer) certificates are small data files that establish an encrypted connection between a browser and a web server. They activate the HTTPS protocol and the padlock icon, telling visitors that the website is secure, and so they enhance customer trust and increase the SEO rank.

Secure HTTPS website (with SSL)

 

Where can you get an SSL certificate?

I will focus here specifically on websites created with Squarespace and WordPress, since this is my specialty.

Squarespace website owners – good news! Any Squarespace plan includes an SSL certificate, and here is how to activate it:

  1. Go to Settings -> Website -> Security & SSL:

2. Choose the Secure (Preferred) option:

3. Save and that’s it! Your website is now secure and will display the HTTPS and padlock in Google Chrome browser.

WordPress website owners need to buy an SSL certificate from the hosting company (I use GoDaddy), who will install it on your website but they will not redirect from HTTP to HTTPS unless and you pay them an extra fee. You can also do the redirecting the geeky way (I did that :)), which is modifying the code in the .htaccess file. Maybe other hosting companies offer an easier way to activate the SSL, so it’s always a good idea to check with their customer support first.

Is your website secure before Google’s October deadline? Do you have more questions or technical issues with the SSL? Let me know in the comments and I can help!

 

 

Reader Interactions

Leave a Reply