Late in 2016, while most people were in a mental state of Holiday Mode, Google quietly published a heads up to web creators on its security blog that it was going to start forcing the security issue with websites.
The #1 topic we web creators talk about with each other is the latest hack attempt, the malware trying to attack websites of every size, and what tactics we’re finding useful to protect our clients’ web properties. In short: Web security rules the day.
See, you likely hear/read stories from big news media sources about big hacks and attacks. Target® gets hacked. The DNC gets hacked. Yahoo® gets hacked.
But what is not reported are the hundreds of thousands of small – much smaller – websites that also get attacked day after day, every day.
This is not new. Over on DanCrask.com there’s a post about Brand Shepherd’s 2012 misery, where our website was subject to a server-level attack. We lost all of our SEO equity from that attack because, at the time, search engines labeled us as a “potentially harmful” website. The kicker was that the vulnerability was with our hosting provider, so even when our website was locked down tight, the bad guys had a back door we did not have access to.
So what does this mean to Google?
Google believes encrypted websites are safer websites. After all, encryption is the requirement for all eCommerce transactions, and it’s done through a Secure Sockets Layer or SSL.
You know what this is already. It’s the little green lock symbol you see on your favorite store’s website. In some browsers, it says “secure” or may just use the lock icon. It means that everything going on within that website is secure through SSL.
We are practitioners of our own guidance.
Perhaps you’ve even noticed that when you copy and paste a link from a secure website, there’s a small change to the web address. It includes the letter “s” at the beginning: “https://“ This added “s” means the website is secure.
Google is now forcing the issue.
In a recent update to their Chrome browser, Google now tells people when they are on a non-secure website with a startling “Not Secure” label located right before the web address (URL).
This is going to spook a lot of people as Chrome automatically updates to its latest release! Your customers and clients are going to see “Not Secure” next to your website if it lacks SSL, and they may get so spooked they may even close the window. Who wants to be on a website that’s “not secure”?
The new normal: Get SSL on your website. Now.
Here’s the info and sales part. SSL is relatively easy to install. Most hosting providers have a 1-click installation process, and some leaders in the hosting industry are even including SSL for free with all of their hosting packages.
What they might not tell you, though, is that by adding that little “s” in your URL, it actually makes every page, photo, video, post, product, button, etc. on your website have a new location to search engines.
There is a fair amount of back-end work needed to reconfigure the location of assets on your website so that visitors and search engines alike see the secure versions, and not the non-secure versions.
After all, why spend the money and time on SSL if Jane Doe still gets “Not Secure” on a product page or blog post?
Brand Shepherd can help. We can implement SSL on your website, plus take care of the back end assets too.
And did we mention that search engines have factored SSL into SEO for years? It’s true. Now that SSL is being forced as a standard thing, websites that don’t use it should expect to see lower SERP rankings.
Contact us right now so we can assess what shape your website is in, and what we need to do to get SSL implemented for you. Security, SEO, and good user experiences are demanding that this happen sooner than later. Let’s talk.