The knowledgebase is a categorized collection of answers to frequently asked questions (FAQ) and articles. You can read articles in this category or select a subcategory that you are interested in.
No: your registrar, host, or web designer hasn't let you down. No, your website didn't suddenly become some massive security risk (it is what it has been, and it very well could be a risk already if it's not with us, we can't be sure). No, there isn't some massive flaw that's going to cost $$$$ to fix. No, Google didn't join the dark side.
You wake up one day after July 24th, 2018 to frantic phone calls about "I wanted to go to your site, but something's wrong!" or "OMG, you're hacked!". It's NOT the web apocalypse. It's not time to jump ship on whomever you have services with. Here's the lowdown, there are basically 2 types of websites HTTP and HTTPS. The "S" stands for "secured". A purchased SSL certificate installed for your URL makes it secured. If you have a website that handles money, accepts input of ANY private information - you should already be running as HTTPS, shame on you if you're not!
There are plenty of websites out there that are just content only, and as long as they are coded and configured properly, there's actually not any need for an SSL certificate installed (Yes, we said it, but not everyone will agree!). But isn't a secured site better/preferred/less-of-a-risk? ABSOLUTELY! But for someone who is posting vacation photos or writing about every meal they eat - from a solid authoring platform, SSL hasn't been a necessity. Until now...
Any site, SSL or not, can be compromised if poorly authored. What to do from here depends on how you want to portray yourself to visitors. The general public probably won't understand that your NOT SECURE website is fine to visit. Are you confident that visitors are willing to ignore, or that they understand what the NOT SECURE means? Do you want your visitors to see that you readily took available measures to value their security?
So what happened? For some time now, Google has ranked HTTPS higher than HTTP sites, so there have already been advantages to having an SSL certificate. Should the internet be made more secure without hindering the share of information? Well yes.
July 24th, 2018 Google released an update to it's Chrome browser that among other things, shows a "NOT SECURE" notice to the left of a HTTP URL instead of the usual "i" inside of a circle. That's it, earth shattering wasn't it?
Google's stance on the matter is that it will encourage a more secure internet - any they're not wrong! In the long game, it's actually a move to your benefit. For many, an optional SSL certificate purchase will now be considered a nominal cost-of-doing-business.
There will be web companies that call folks saying "We saw you are unsecure, your web company failed you, pay us and we'll fix all your problems." It's very likely that whomever you are already with can sell you and install an SSL certificate for your domain. If you operate with subdomains, that will hit your pocketbook a little more. Is your current web provider going to make a fortune selling SSL certificates? Well, the honest ones won't. However if you feel your provider is treating your lack of an SSL certificate as a cash grab, it doesn't take much Googling to see how their prices line up, you have the power to keep them honest, or to go elsewhere.
Depending on your hosting platform, SSL certificate installation may not be for the faint of heart, so know that there may be costs involved for the installation by your provider. Also SSL certificates do not get "renewed", new ones have to be purchased and installed before old ones expire, and then the old ones uninstalled. So that cost of certificate and installation will come every term, annually or whatever term purchased.
Are SSL secured HTTPS websites better than HTTP ones? Yes. Is a secured site less likely to become compromised? You betcha. Should you get an SSL certificate? Probably. Will other browser vendors follow suit and modify their "notices"? VERY likely. Now that you know what's up, and also know that the most of your visitor base may not understand the NOT SECURE warning, will you get an SSL certificate for your domain? That's entirely up to you.
Contact your Dollar A Day Websites & Marketing independent sales representative, or visit https://dollaradaysites.net to see how our offerings can be a fit for you.
We are a no-contract company, we have to earn your business on a monthly basis.
The names Google & Chrome are the property of Google, Inc. used for educational purposes.
EDIT: Google had originally planned to also make the Chrome NOT SECURE notification in red, but at the moment, they decided not to do that - yet.