For the past several years, Google has been pushing site security to webmasters. HTTPS has been an organic ranking signal since at least 2014. When browsing on an HTTP website, instead of HTTPS, a third-party can insert ads that aren’t on the original webpage, inject cryptocurrency mining software (here is a popular example of this recently), or redirect you to a different site in order to steal your username and password.
HTTP Not Secure Warning
Starting July 24th, along with the launch of Google Chrome 68, Chrome will display “Not Secure” on the left of the address bar for non-secure, HTTP sites. This is like how they’ve been displaying “Secure” for HTTPS site. Here is an example Google gave in their preview of the update back in February:
What You Need to Know
It’s time to move your HTTP site to HTTPS, if you haven’t done so already. Doing so will serve as a safety measure that can protect your website from attacks and give your website visitors confidence that your site is authentic and trustworthy. To get started on the process, read our post about migrating your site from HTTP to HTTPS here.
Google Chrome Not Secure Warning Examples
Below are a few live examples of the Google Chrome 68 Not Secure warning:
ESPN Not Secure Warning:
BBC Not Secure Warning:
IGN Not Secure Warning:
FedEx Not Secure Warning: