After all the times we’ve talked about HTTPS and Google in the past few months, I hope you’re all at least moving toward converting your own site to HTTPS. I know of quite a few people who have kept most of their websites the same, but converted their pages that include credit card transactions, passwords and the like. We thought that would be fine. After all, there are no red warnings showing up, so it should be safe, right? However, we’ve found something disturbing.
Chrome 56 is out right now, but I’m using Chrome 57, which is in beta. On it, you can go and see the red warnings when you come upon a site that isn’t secure. A big red ‘Not Secure’ will appear in the URL box if the site isn’t HTTPS compatible.
I did some searching around and found some surprising results. The US Army site was secure, as you’d hoped it would be, but the sites for the US Strategic Command, its Air Force and Navy all still show as not secure, as does the US Congress.
We’re in a similar spot here in Australia. Banks such as Suncorp, Bendigo Bank and Bankwest are not secure, as is the Australian Signals Directorate, plus our Royal Navy and Air Force.
Right now Google is showing some half measures in grey tags on some of the sites that have some of the pages secured, but there’s only one place Google can go from here. It’s going to go straight to marking every site with a red warning if any of its pages aren’t secure.
The bottom line? Even if you have a non-transactional site, it’s time to switch it over to HTTPS as all non-HTTPS pages will be targeted by Google in the future.
Google never gives schedule dates but is apparently planning to do it within the year, at the very latest.
This article was originally published on stewartmedia.com.au
Jim Stewart is a leading expert in search engine optimisation. His business StewArt Media has worked with clients including Mars, M2 and the City of Melbourne.