Google has just announced that as of October 2017 it will be penalizing websites that aren’t serving their site through HTTPS alongside a valid SSL certificate. The move comes as Google and other search engines push websites to start taking website safety seriously and protecting their customers better.
Google’s Webmaster Guidelines were created and have been amended over the years to give search marketers an idea about what search engines like and what they don’t. Search engines release warnings and pieces of advice around what they want to see from a good website. Then eventually they add these specifications into the ranking algorithm. We’ve seen this before with things like “Mobilegeddon”, as it was named in the industry). In this case, sites were warned to become mobile friendly before Google eventually released a mobile-first indexing system.
This time around, the update is centred around site security. As of October 1st, Google will start adding warnings to sites that aren’t secured by a valid SSL certificate.
What will the new Google SSL Update do?
From what we can understand ahead of the update, the Google Chrome browser will be displaying warnings on forms across unsecure websites. This will include enquiry forms, contact forms, email sign-ups and the likes. The message will warn users not to enter any sensitive information and brand it as “unsafe”. Currently, the only information we have comes from Google itself, in the form of its webmaster tools. Until the update is rolled out, we’re unsure if the message will be displayed in the URL bar, as a warning on the page itself or in a pop-up form.
My site isn’t HTTPS secure – what does this update mean for me?
If your site’s unsecure, it’s bad news. Not only will your rankings drop due to not conforming to a new part of Google algorithm, it will massively put off customers from buying from you. New customers or clients who visit your site will see the warning and be put off immediately. They’ll likely never return to your site and assume you’re unsafe to buy from. Returning customers who come to your site may think you’ve been hacked, or come to the conclusion that you don’t care enough to make your website secure. And, again, they’re likely to bounce off your site. As well as your brand getting a bad reputation by having an unsecure website, your SEO will suffer too. Google is planning on massively de-ranking sites that aren’t secure, the same way they did with non-responsive sites. The quicker you react, the less likely it is that your site will suffer at the hands of this update.
What can I do to stop these “unsafe” warnings?
Simply put – make your site secure. There’s no outwitting Google and other search engines. If you want to stop the warnings about security, you’re going to have to make the transition from HTTP to HTTPS and purchase a valid SSL certificate. “HTTP” stands for HyperText Transfer Protocol, and HTTPS is the same except the little “s” at the end stands for Secure. This works as a trust mark to both search engines and users to reassure them that inputting sensitive information on your site is safe.
There are multiple free SSL certificates available, but with the push on site security I’d look for one with a bit of promise behind it. Like everything in life, you get what you pay for. A lot of free SSL providers aren’t globally trusted certificate partners, and as such the certificates aren’t very well encrypted. There’s a much higher chance of your certificate being revoked if you use an untrusted partner.
Google is already assessing SSL providers into categories and judging your site based on the quality of your security. Whilst we’re unaware if this affects your rankings and site health score at this point, I can only see security becoming stricter and the quality of your security being brought into play. In short, if you want to get ahead of your competitors and stop yourselves being penalized by the new Google security update then get in touch with trusted web specialist such as us today.