HTTP websites are soon to be marked as non-secure

Blog | 06 Feb, 2017

Google has already started marketing all websites that collect log in or payment information that aren’t yet in HTTPS as non-secure.

It all started last September when Google formerly announced:

"Beginning in January 2017 (Chrome 56), we’ll mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure."                                       

It will impact Firefox as well as Chrome and will negatively affect your SEO if you meet the below criteria, but haven't yet become SSL Certified

What does this mean?

In Google’s wording, “Websites use certificates to assert to users that they are legitimate, so browsers need to be able to check whether the certificate that you’re being presented is valid and appropriately issued.” Makes sense.

The roll out will consist of things like Chrome alerting your website visitors to security concerns in more and more obvious ways over time to encourage HTTPS adoption.

In short, that if your site is not SSL Certified and it should be you will be penalised by user behaviour (lack of trust) and that will start affecting your SERP ranking. 

Some people may overlook this as it doesn’t appear to have a direct impact on SEO from the outset, because at first glance it will affect signals like site engagement, bounce rate, and time on site. 

However, SEO Manager, Josh Salvage doesn’t mince his words in issuing a stark warning to marketers, eCommerce managers and webmasters about its long term impact: 

“If you are in the group that need to, and have not yet updated to a secure HTTPS site, expect less site engagement, lower click through rates and conversions - which in turn will lead to a drop in organic rankings and lower revenue. This is not one to ignore."    

Who will it affect?                      
Below are the four types of HTTP pages that will be affected by these browser updates:

  • HTTP pages that collect payment info (warning for Chrome only)
  • HTTP pages with dropdown or embedded login information
  • HTTP pages with JavaScript pop-up modals for login or something similar
  • Dedicated login pages that are not on HTTPS

Want to learn more?

Here are some useful articles.

Moving towards a more secure web

Enabling HTTPS on Your Servers

Chrome & Firefox Updated Security Alerts for HTTP Pages

Please enter a valid Name.
Please enter a valid email address.
Please enter a valid Phone.
Please enter a valid Company Name.
  • Select Service
  • Analytics
  • Brand
  • Consultancy
  • Conversion Rate Optimization
  • Display
  • DoubleClick Partnership
  • Email
  • PPC
  • SEO
  • Social
  • UX
  • Video
  • Websites
  • All Services
By providing your email address you are allowing Jellyfish to send you email communications in accordance with our Privacy Policy and Terms and Conditions