In a post today on the Google Security Blog, the Google team announced that beginning in January 2017 the Google Chrome browser will start showing a security error on all unsecured websites. This is a pretty huge deal…
What exactly does that mean? Let me break it down for you.
Why should you secure your website?
An unsecured website transmits data over the web that can be intercepted and “read” by the interceptor. Take your username and password, for example. If a hacker were savvy enough to hack a site like, say, amazon.com. And if amazon.com were using an unsecured website (they don’t, their site is very very secure), millions of passwords could be intercepted and hijacked every day. This is possible because, on an unsecured website, the data is basically being transmitted in plain text. Here’s a graphic to help understand this concept:
At any given moment a malicious hacker could potentially grab the text out right out of the air and wreak havoc.
When you secure your website, you change all of the transmissions from plain to encrypted text. The updated graphic for a secured site might look like this:
Google really loves a secured website
A while back, Google made it clear that having a secured website would help increase the ranking position of your website. Here’s the post where they explain it all. So not only are you going to be making your (and your user’s) data more secure, you also derive a ranking benefit. Win win? I’d say so.
How do you know if your website is secured?
It’s relatively easy to know if your website is secured or not. A secured website will have a couple of obvious features, starting with the URL.
If your URL has https:// in front of the domain name, you are in luck. Your website is already secured!
If your website is missing the “s” on http:// then you will likely need to setup an SSL certificate.
You can also look for the little green lock symbol next to your domain name, just like this website has:
How much does it cost to secure a website?
If you consider yourself a pretty nerdy fellow, you’re in luck. Using sites like letsencrypt.org, you can get your site secured for a few hours of time and a whopping zero dollars. There are some caveats, a major one being that you have to renew your security certificate every 90 days. This can be done manually, or if you’re slick you can setup a cron job to renew the security certificate automatically for you.
Other than that, prices can go up to $300 for a wildcard certificate, and you may have to pay a developer to set it up for you.
What is a wildcard certificate?
If you use more than one subdomain on your site, and you want to secure them all, you’ll need a wildcard certificate.
Can securing your website negatively impact your search engine rankings?
You have to be really careful when setting up your security certificate. You are essentially moving your site to a new domain, and when that happens all of your old backlinks will break UNLESS you have proper redirects in place. It’s a bit much to explain in this post, but when you take the plunge, make sure this is taken into consideration.
Other than the possibility of losing backlink juice, your site should only have a positive reaction in the search engines.
When should you secure your website?
You need to secure your website right away! There is no time like the present, so look into adding this feature to your website as soon as possible. And of course, if you need help with the process, we’re here for you!