How To Avoid the “Not Secure” Warning In Chrome Browsers

how to avoid not secure warning lock

If you woke up last Friday to a message in your inbox from Google Search Console warning that “Chrome will show security warnings on” your website, the first thing you need to know is don’t panic, but be ready to do some work.

We’ve received emails from our clients asking what this email is about and how it will affect them. Here’s what it all means.

What Does It Mean to Be “Not Secure”?

Websites are served up over a protocol called HTTP, which stands for “hypertext transfer protocol —this is a standard way your computer communicates with the website you’re viewing. A secure site uses a security certificate called SSL, which changes the URL to HTTPS. This added security basically protects your computer’s communications so that it’s harder for other people to listen in and figure out what you’re doing or get the information you’re sending online.

What Does “Chrome Will Show Security Warnings” Mean?

Here’s a screenshot of the email users received:

It gave the warning and then an example list of URLs on your site that would be affected by this change. Note that this change is set to occur in October 2017.

These “Not Secure” warnings are something Google has been telling users they would be moving toward for quite some time now. This next step in their process is focused on pages on which a user has to input information (e.g., forms pages).

Currently, Google shows an “information” button that must be clicked on for more details (which will tell the user they’re on a non-secure site):

Starting in Oct 2017 they plan to do something like this in the URL box:

Regular pages whose URLs begin with HTTP will be similar to the existing look (i.e., the simple “i” button), but any pages that have forms or require a user to input information will have the “Not Secure” message next to it. Additionally, all pages that are on HTTP will show the “Not Secure” message when viewed in incognito mode.

Eventually, Google plans to make a much more obvious warning that may look like this:

This Only Applies to Chrome Browsers

If a website visitor is using Firefox, Safari, or even Internet Explorer they won’t see this same exact message — other browsers display something similar warning a user they’re on a non secure site, but for the purpose of this update it only applies to Chrome browsers.

Keep in mind that Google’s Chrome browser is the king of the hill—it crushes its competition for market share. According to Net Market Share, which tracks and reports on statistics for internet technologies, Chrome is the browser of choice being used by ~60% of people on the internet. No other browser even comes close to competing with Chrome for user share:

How The “Not Secure” Warning Can Affect Your Site

One of the ways it could affect your sites is by raising users’ concerns about the non-secure nature of your site or forms. Anyone concerned about protecting their privacy and information online would likely be leery to input information on your forms. Additionally, a “not secure” warning could lead users to believe your site is hacked or, rightfully, view your site as vulnerable. Either way, user experience will likely be affected. Another way your site could be impacted is in its rankings—Google wants site owners to have a secure certificate and views HTTPS as a ranking factor.

How to Address This and What You Need to Be Aware Of

The only way to solve this issue is to get a security certificate via your hosting service and migrate your site from HTTP to HTTPS. At the very least, you should ensure any page that has forms for users to input information is served over an HTTPS connection.

Ideally, you would migrate your entire site to HTTPS and not just specific pages. it would make more sense to have a secure certificate for the entire site—but that also brings its own issues.

Some of the most important things to be aware of when you decide to migrate to HTTPS are:

  • There is a cost associated with purchasing an SSL certificate. Although it’s usually fairly inexpensive, it is an additional cost added on to the hosting of your site.
  • When you change from HTTP to HTTPS you are making all new URLs. Google treats this as a site move. That means you could see traffic and rankings decline as Google crawls your site and reindexes the new pages.
  • You could end up with a lot of broken links. Because HTTP to HTTPS is a completely new URL, any links (internal and external) need to be properly 301 redirected to their corresponding new HTTPS URLs. These 301 redirects should be put in place as server-side redirects.
  • You may lose data from Google Search Console. If you don’t add the HTTPS property to your Search Console you will lose data. Search Console also treats HTTPS as a separate entity, and the data is not shared in Search Console.

Ultimately, it’s our opinion that it’s in your and your users’ best interest for your site to have a secure certificate and be served over HTTPS. And it’s better to be ready now and work through any potential issues rather than scrambling to get things fixed when Google rolls out its changes.

Brian Valentin

Brian Valentin

Brian helps DAGMAR clients drive traffic to their websites with SEO and link development. He's an experienced SEO strategist, blogger and writer.
Brian Valentin
Brian Valentin

Brian helps DAGMAR clients drive traffic to their websites with SEO and link development. He's an experienced SEO strategist, blogger and writer.

Related Posts

Comments (2)

  1. Filip Zafirovski
    Sep 27, 2017

    Nice piece Brian, loving it.

    I want to ask you.

    What do you think, how will this affect the franchise business’ that have been preforming SEO?

    Kind regards,

  2. […] you launch your site, you want to use a secure certificate. Google will be providing warnings on all sites in Chrome that do not have a secure certificate (i.e., have HTTPS:// in their domain). So you will want to make sure your site is using SSL which […]

Leave a Comment

Your email address will not be published.