Google recently began contacting website owners directly through Search Console (formerly Google’s Webmaster Tools) with a somewhat cryptic message about Google Chrome security warnings and SSL Certificates.
Several of our clients who received these notices have reached out to ask us if they really are necessary and worth the cost.
The short answer to that question is yes, and we are urging all of our clients who do not already have a valid SSL certificate to acquire one this summer.
Initially intended for e-commerce sites which collect customer payment information over the web, SSL (Secure Socket Layer) has evolved to be a validation that your site is not only secure, but legitimate and safe for visitors to interact with. Since 2014 Google has stated that they will give a slight ranking ‘bump’ to websites with a valid SSL certificate. (HTTPS vs. HTTP)
Below is the actual email you might receive from Google. They are thoughtful enough to include a sample of specific URL’s on your website that will be impacted by this change in October.
The majority of our clients make use of a 3rd party to collect and process hotel booking and payment information, and those services would already have a top-level SSL certificate in place, as required by the credit card companies.
However, it’s still important to install at least a basic SSL certificate on your own website. In addition to the SEO value, it’s a sign of trust and will continue to grow in importance as data security increasingly becomes a global concern. Google has stated that come October all forms on your website will display a “Not Secure” warning in Chrome if you do not have SSL. That will include contact and RFP forms.
There are different levels of encryption available, but unless you are directly collecting credit card information on your website there is no reason to purchase a high-level certificate. Many web hosts provide an entry-level certificate free, or for a small annual fee. I recommend checking with them first to see what they offer, but be careful of being ‘over-sold’.
When it comes to installation and migration of your website over to HTTPS it’s important that it’s done correctly. A misstep here could render elements or sections of your site inaccessible, and could even have a negative impact on your SEO. We recommend leaving this to either your web host, developer, or experts such as Wallop.
To learn more about SSL is and how it functions, there is a very detailed Wikipedia article on the subject.