HTTP is Becoming a Thing of the Past

Google Chrome to mark all HTTP pages "Not Secure" starting July 24th

The web browsers want the entire internet encrypted immediately. And they're using a number of initiatives to accomplish that. Back in February of 2016, when this push began, just 3% of the internet was encrypted (per a Netcraft report). Today, Google measures encrypted traffic at around 80%. That's serious progress, but still a long way from complete encryption.

So hurry, starting July 24th, 2018 Google Chrome will show a "Not Secure" warning on all HTTP webpages.

Secure Your Site Now

HTTP is Becoming
Gray Browserbar

Encrypt every website with SSL/TLS

The browser community is not messing around when it comes to its push for universal encryption. Though the browsers originally started by incentivizing HTTPS, today they are actively penalizing websites that are still served via HTTP.

Early in 2017 Google began warning users when websites had insecure login fields. Then in October, the warning expanded to any insecure text field. In July, Google Chrome will mark all HTTP webpages as not secure. Later in 2018, Google plans to make the Not Secure warnings more forceful, as they push for all websites to switch to HTTPS.

Secure Your Site Now


Warnings for any non-HTTPS site—Coming July 24th

The most aggressive step to encourage all sites to encrypt is actively warning visitors when they visit a web page that doesn't have SSL/TLS configured. The goal of this initiative is to clearly display to users that HTTP provides no data security whatsoever. If you don't hurry up and add SSL, Google is going to interrupt your customers just to tell them you're not secure.

Google boosts ranking

Boost SEO Rankings with SSL/TLS

Google actively ranks websites with encryption higher than websites without it. Back in late 2014, Google announced SSL would be a ranking signal and the power of that signal has only grown since then. This is just one of the benefits of SSL.

Think about it. Search engines want to send their users to the best possible result. So if one result is more secure than another, it's going to rank higher. Encrypting your communication is just good security hygiene.

Secure Your Site Now

Chrome makes features only available via HTTPS

Google Chrome is also only deploying certain popular and powerful features to sites with SSL/TLS. One of these features is Geolocation. With version 50 and beyond, Chrome will no longer support obtaining a user's location on HTTP sites. Another popular feature is device motion & orientation, so if you want your site to respond accordingly, you must install an SSL certificate.

Chrome features

HTTP/2 traffic only being served over HTTPS

HTTP/2, the first major revision of the HTTP protocol since 1997 has recently been ratified by the Internet Engineering Task Force (IETF). Currently, HTTP/2 represents about 18% of global traffic and will continue to rise exponentially. We're talking better speed, better performance. It's like going from a propeller to a jet engine. But, browsers will only be serving HTTP/2 over sites with SSL. This is yet another sign that the future of the internet is fully-encrypted.

Gmail marking emails

Gmail marking emails that are sent from non-secure mail servers

Per Netcraft, 82% of mail servers are not using a publicly trusted SSL certificate. In response to this, Google has started flagging emails originating from unsecured mail servers.

Once a mail server has an SSL certificate installed on it, Gmail recipients will be told that the email they open was delivered from an encrypted source, along with a link to learn more if they are unfamiliar.

Eye Towards the Future

The time to encrypt is now!

The internet is moving towards universal encryption. SSL is no longer just for businesses, it's a requirement for every website. It's a new web standard. While this is ultimately a good thing for the entire Internet and the SSL/TLS industry, hosting companies and other IT service providers need to be pro-active and move fast to ensure all of their customers are using SSL/TLS before these browser changes are fully rolled out.

Secure Your Site Now

Web Security Made Simple.

Subscribe Now