Now it’s here – Google will warn all unencrypted web pages starting with http in the Chrome browser that they are not secure. Website owners should switch to a secure https connection. Unlike a few years ago, it is now easy and free.

From October, Google Chrome will start labeling all web pages that have not yet switched to secure encrypted data exchange, or HTTPS, as insecure sites.

Then why is Google so resolute?

The reason is simple. All information transmitted over HTTP, or an unsecured connection, can be intercepted on the Internet. In addition to filled-in web forms, where users’ personal data can be leaked, passwords are also sent publicly in the same way when an unsecured website asks for them.

So why hasn’t everyone switched to this secure HTTPS anyway?

Indeed, why? Apparently, the reasons are historical.

First, an encrypted connection requires additional resources from servers and computers for encryption and decryption. It used to slow down all secure connections.

Now you don’t have to worry about that anymore – the servers and computers are all fast and powerful enough that there shouldn’t be any performance problem with a secure connection.

Secondly, the necessary security certificates were expensive. They had to be purchased and renewed from the relevant authorities.

This concern has been resolved by now, because Veebimajutus.ee customers can turn on HTTPS on their website for free.

Third – It required complex setup and tweaking of the home page.

The obstacle has also been removed by now – it’s not complicated, you just need to turn on the security from the self-service and review the homepage so that everything works with the new security. If the website is made correctly, there should be no problems.

If you look around the web today, almost three-quarters of the web pages you visit already have an https, or secure connection, shows Google statistics on the use of Chrome browsers. The magical 50 percent mark was crossed a little more than a year ago. In the future, this percentage must move closer to 100 at an accelerated pace, driven by Google. The search engine rewards secure pages with a higher position in the search results.

Of course, other services should not be forgotten. All email traffic must also be encrypted. To do this, you need to configure your incoming and outgoing mail servers to exchange data securely with SSL or TLS.

How does Web Hosting HTTPS work at no extra cost?

This is done using the free service Let’s Encrypt, which issues free security certificates. Since 2016, an average of 50 million security certificates are issued per day, so the number of unsecured web pages is rapidly decreasing.

We have already blogged about how to get secure HTTPS working on your website in Web hosting self-service, but it is worth reminding you once again. Four simple steps are enough:

  • Order a free Let’s Encrypt SSL certificate from the “SSL certificate” submenu in self-service;
  • Once the certificate has been issued and installed (it takes about 5 minutes), you should set the homepage redirection HTTP -> to the HTTPS protocol – this ensures that all website visitors use the secure HTTPS protocol;
  • Check that all parts of the website work correctly;
  • On the “Domain Redirect” page, under “Redirect Type Custom Setting”, set persistent HTTPS redirection.

    • Source:https://www.veebimajutus.ee/blogi/google-http-hoiatus