Google To Punish HTTP Web Sites

We all understand that HTTPS site are “secure” and HTTP sites are not.  Google has been urging web site owners and managers to covert their plain HTTP sites to HTTPS for several years now, as part of an industry wide plan to use encryption in more places.  Coming by July 18 of this year, Google’s browser Chrome version 68 will be flagging HTTP sites as “not secure.”  If this is you, you can expect to see a drop in page rank and search results, and possibly a drop in site traffic as a result.

This effort has resulted in significant change already.  81 of the top 100 websites use HTTPS, and, depending on the platform, between 65% and 75% of Chrome traffic is using HTTPS already.

If you are one of the laggards, you might want to get the conversion scheduled.  It is not as difficult as you might think, and if you use Let’s Encrypt, the price for the certificate will be free.

Most of the large hosting companies that offer the popular and inexpensive shared hosting platforms do offer security certificates for your website, at prices that range from free to $75.00 per year.  So there is not a lot of incentive to avoid moving to HTTPS.  We converted our site over a year ago, and it was quick and painless.  We recommend that you go and do likewise.

More information:



About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.