The “NOT SECURE” warning will appear in Chrome for sites collecting any data from viewers or visiting the site via an incognito widow.
This will affect every site owner who collects emails via optins and all contact forms!
Google told us about this new penalty in April 2017, and they just announced that it will become effective as of October 2017.
More Penalties Coming
This is the second such Chrome penalty within a year.
The first was a February deadline for any sites collecting passwords, such as member site logins, and even admins logging in to their sites.
And this won’t be the last such penalty, nor the strongest measures Chrome will take to force site owners to get serious about converting their sites to HTTPS.
Why Free HTTPS Conversion is a Super Bad Idea
Some hosts offer HTTPS conversion for free. You’ll be sorry if you do that!!!
Free HTTPS is the duct tape / chicken wire method.
You’ll pay for it later, twice.
All you get are a couple of links changed and everything else is forced to comply by hoodoo.
Every single site element is redirected, not converted!!!!
Worse, some folks use plugins to do the forcing.
Ever had a plugin break or stop being supported? Right! Don’t do it.
If free HTTPS conversion worked,
I would have done it for my own sites and those of my clients!
Need more reasons? I’ve got the 10 top ones for you!
Get a Real Conversion
The short list on what it takes to be HTTPS for real
- Database actually converted in a WordPress-aware way
- A real green padlock – meaning browsers aren’t hiding egregious offenders
- Mixed media actually fixed, not swept along or redirected
- Full security headers
- Proper updates to Google Analytics and Search Console – no loss of tracking or SEO
- Acceptance on Chrome safe site preload list (that all other browsers copy)
Google already STRONGLY suggests that you get the HSTS security header on your HTTPS site.
(There are actually 7 security headers, and you bet more and more will be required over time, but only 3 are supported at this time across all browsers.)
Google is going to keep beating the drum on this HTTPS stuff.
And they are not alone. Every site security related entity is backing them up and bring reinforcements.
Get Your Site Converted to HTTPS
I stay booked with HTTPS and other site service requests.
Previous site audit clients will be given top priority.
BlogAid News subscribers will be given next priority. (Be sure to tell me you’re a subscriber in your HTTPS request)
October is right around the corner. Get on my schedule now. I have a team of webmasters to help with the flood of request, just know they are going to get booked solid too. So don’t wait.
Is Your Site Ready for the Coming Changes?
I’m so proud of the smart site owners who have been heeding my advice for the past year to get all of the foundation upgrades completed.
Their sites are running faster, safer, and they are making more money.
Site foundation upgrades include:
- Site audit for security and performance – Google is beating the drum on this too!!
- Switch to PHP 7 – plugins and themes are going to start breaking if you don’t upgrade
- HTTPS conversion – more penalties are coming
Most importantly, they are not sweating the new Google penalties or worrying about plugins breaking!
They’re breathing easy because all of this is off their plates and they are ready.
HTTPS is no longer an option.
Get it done right and be done with it. No gotchas later.
Want to Learn Real HTTPS Conversion?
See Level 3 of the Webmaster Training courses.
Learn how to fully convert sites to HTTPS the right way.