Google To Punish HTTP Web Sites

We all understand that HTTPS site are “secure” and HTTP sites are not.  Google has been urging web site owners and managers to covert their plain HTTP sites to HTTPS for several years now, as part of an industry wide plan to use encryption in more places.  Coming by July 18 of this year, Google’s browser Chrome version 68 will be flagging HTTP sites as “not secure.”  If this is you, you can expect to see a drop in page rank and search results, and possibly a drop in site traffic as a result.

This effort has resulted in significant change already.  81 of the top 100 websites use HTTPS, and, depending on the platform, between 65% and 75% of Chrome traffic is using HTTPS already.

If you are one of the laggards, you might want to get the conversion scheduled.  It is not as difficult as you might think, and if you use Let’s Encrypt, the price for the certificate will be free.

Most of the large hosting companies that offer the popular and inexpensive shared hosting platforms do offer security certificates for your website, at prices that range from free to $75.00 per year.  So there is not a lot of incentive to avoid moving to HTTPS.  We converted our site over a year ago, and it was quick and painless.  We recommend that you go and do likewise.

More information:



About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.