What are these Google HTTP Security Warnings?

If your website is on HTTP, you will be receiving warning notifications from Google Search Console of the imminent security warnings which will be shown against your website in Chrome 62.

Read this post to find out the information on the warnings, what triggers them, how it will impact your website and users, and, importantly, what you can do about migrating to HTTPS.

Contact me for help migrating your site from HTTP to HTTPS. I have helped many clients successfully migrate to HTTPS for the last 5 years.

#SEO #HTTPS #GoogleSearchConsole #WebsiteSecurity #GoogleChrome


Google Sending HTTP Warnings As Of Now

Summary:

  • Google is now sending out notifications of the Chrome “NOT SECURE” warning, which will start showing in Chrome 62 in October 2017.
  • The warnings are  in the Messages section of your Google Search Console dashboard.
  • The warnings are also being emailed to the owners of the property listed in Google Search Console.
  • It appears that the warning is triggered if you have an HTTP property listed in GSC, and there is no HTTPS version listed in the console. If the HTTP version is not listed, but does exist, you may not get a warning.
  • I discussed this in The Week In Search May 5th 2017, and in The State of SEO Mid-2017.
  • See the warning notification beneath, and the schema for how Chrome will treat HTTP pages in Incognito and outside of Incognito.
  • Being HTTP only does not demote rankings yet. But it is possible that at some point in the future, it will.

 

Google Search Console Chrome HTTP Warning

Example Google Search Console HTTP Warning

 

Google Chrome Not Secure Warnings

What HTTP warnings will Google Chrome show?

Actions to take:

  1. It is now critical to change to HTTPS and 301 redirect from the HTTP version to the HTTPS version.
  2. Migrating to HTTPS is not difficult, but it can be very easy to make silly mistakes and lose rankings, especially if you do not have a sensible SEO Migration methodology in place.
  3. Google views this more as a protocol change, so all value stored in the original HTTP URL is transferred to the HTTPS URL, providing the migration is done correctly.
  4. Don’t wait until Chrome 62 rolls out and users start being warned that your site is Not Secure.
  5. Contact me for help migrating your site from HTTP to HTTPS. I have been helping clients successfully migrate to HTTPS for the last 5 years.

Discussion:

Having a Not Secure warning against your URL in the world’s most popular browser is not a good thing. It affects the user experience, it erodes trust in your website and services and affects your brand.

Google has long advised websites to be on HTTPS, but even before that, it was a good thing to have your website on the secure version of HTTP. I did my first big corporate migration to https in 2012, and even that was after a number of other big sites had gone down that route.

I should note that https does not “secure” the backend of your website. It establishes a secure transport layer between the user’s browser and your webserver, so that intermediaries on the traffic route cannot read what is being sent and “sniff” data which may be sensitive. In terms of the new “forms” requirement, sensitive data could be your name, email address, postal address, phone number, password, credit card details etc.

Time to go HTTPS, eh?

More info:

Return to Top


The State of SEO Mid-2017 Released

The State of SEO Mid 2017

We recently released the super-exciting The State of SEO in mid-2017. Read it now.

Return to Top


TL;DR

Thanks for reading. If you would like to discuss what these changes mean for your web property, or would like to know how to implement them, please feel free to contact me.

Return to Top