Google’s HTTP Security Warnings are Coming in October – Here’s What You Need to Know

12 Sep 2017

There’s nothing quite like a security warning to stop a user from putting their payment information into your website, is there?

But if your website is not using SSL across the whole site (not just the check out process) then that might be about to happen to you.

Back in April this year, Google announced that it would start to show security warnings on Chrome from October 2017 when a user visits an unsecure URL with any sort of form or input field on it – not just password or credit card fields as is currently the case.

Which sites will be affected?

Google intends to show users a warning when they’re:

  • Using Chrome
  • On a non-SSL url (one that starts with http as opposed to https) with any sort of form
  • On any http URL in incognito mode (regardless of whether it has an input field)

A ‘form’ even includes a search box. It’s basically anything at all where users would put data in.

In other words, if the homepage, category pages or product pages on your website are not on https URLs and you have a contact form, search form or something similar on the page, users casually browsing will be told by Google that their data isn’t safe on your site.

And before long, Google confirmed that these warnings will show for all users of Chrome, even outside of incognito mode, on all http URLs:

“Eventually, we plan to show the “Not secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS!”

In other words, if you’re not using https URLs all the way across your site, then a portion of your users are going to be advised not to enter sensitive information in the near future.

What will the warnings look like?

Google’s post suggests the warnings are going to look like this:

ssl warnings chrome october 2017

What will this do sales on your website?

The percentage of users on Chrome varies site to site. But for any user on Chrome, if they go to type anything into a search field, they’re essentially going to be told that their data is not secure.

While we don’t have any data as yet about the impact that will have on sales on e commerce websites, you need only ask yourself:

Would you put your credit card details into a site you were told is not safe?

No. Us neither.

Search Console Warnings

If you’re a Google Search Console user, you may already have had warnings through the platform like these:

https url warnings chrome october google

If you use Search Console, check inside your messages to see whether you have one. If you don’t use the platform, then it’s well worth signing up for information about how Google is seeing your website.

How do I make the switch?

Assuming you’re running your online shop with a hosted provider, you’ll need to speak to them. Some providers are charging fairly significant fees for the switch.

As this is an absolutely essential security measure, we don’t charge any extra!

SSL as Standard on Shopblocks

We include SSL as standard on all of our packages.

You won’t be charged any extra for https URLs. It’s an essential security measure to protect the data of your customers and as such, we think it should be completely standard across the board.

Time to make the switch?

If you’re struggling getting your ecommerce website on https, perhaps it’s time to make the switch! Sign up with Shopblocks and your site will be entirely https on launch with no extra charges.

Latest from the blog

View all news »