Is your website content secure?
The latest release of Google Chrome includes a feature which may give users a warning when they visit a web page that it deems not secure.
But first, some definitions to put this in context.
HTTP is the protocol over which data is sent between your browser and the website that you are on.
HTTPS is the secure version of that protocol that guarantees the communication between your browser and the website you’re on is encrypted.
A website needs to have an SSL certificate installed on its server to activate the https protocol. An SSL certificate is a small data file that binds the domain name of a website to the organisation with a cryptographic key.
Look for the green padlock in the browser bar, next to the website address.
OK. So, what are these warnings about then?
Chrome already gives a security warning for HTTP pages with password or credit card fields. Since the release of Chrome 62 it will now show the warning when users enter data on any HTTP page, and on all HTTP pages visited in Incognito mode.
Here’s what a security warning will look like for a user:
In response to this, we’ve been examining all our client sites and making appropriate updates to ensure content is secure and users are not affected.
Eventually Chrome will mark any HTTP pages as insecure so now is the time to get your website checked, updated and all functioning on HTTPS.
If you’ve got a website with a form on it, we recommend getting your whole site scanned for insecure content and implement recommended updates as good housekeeping.
You’ll be amazed what can be uncovered with a scan, not just old http pages but lurking 404s, untidy old redirects and more. It’s a great opportunity to give your website a through health check and clean up.