Why is my Website “Not Secure”?

secure-website-Minneapolis-SSL.jpg

If you are browsing the internet or have your own website, you might have noticed that Chrome has started warning you when a website is “not secure.” After your brief flurry of panic, you see that you can still access the site and not much has changed. So, why is does it say the website is not secure? What does it mean? How can I make my website secure? Keep reading to have all of your questions answered.

What does secure and not secure mean?

Since 2014, Google has been looking into security for the websites listed in their searches. Testing out security started to change in 2016 with a new update to differentiate between sites that were deemed “not secure” (labeled as http://) and sites that were deemed “secure” (labeled as https://). This security update was designed to warn customers about their connection to an insecure website. Secure websites authenticate the information you give them by using codes and encryptions, making it close to impossible for hackers to intercept and decipher the information. Websites that are not secure either are not known to use encryptions, or don’t use them at all, making it easier for someone to steal the information you give to that website.

What do http and https mean?

At the very beginning of a URL, or the link assigned to your website or the one you’re visiting, it will either have “http” or “https” before the link information. The first, http, stands for Hypertext Transfer Protocol. It basically allows communication from your device to a database holding the website information. Websites that start with “www,” which stands for world wide web, are usually under this first hypertext, but now Chrome and other browsers will let you know for sure by saying that it is not secure. The second, https, stands for Hypertext Transfer Protocol Secure. This means that the website you are visiting is certified to be secure through an application process and tests done by Google administrators. When your website is verified, you will receive an SSL, Secure Sockets Layer, to secure your website. The SSL is a protocol that uses two keys to encrypt and secure information between the website viewer and the website host. You can secure a website by obtaining an SSL certificate through your hosting company.

How will “not secure” effect my website views?

In recent surveys, website visitors have become skeptical of websites labeled as “not secure.” They often lose trust in the website, therefore lowering website views. Trust is an important connection between the provider, your website, and the consumer. We recommend you secure your website, especially if you want to build that trust with website visitors. Other perks to a secured website are higher rankings in search engines and increased credibility to your website!

Minneapolis-website-security-SSL.jpg

How can I secure my website?

Securing your website ranges from easy to painful. If your hosting company can provide and install the SSL certificate for you, you’re golden (sometimes). However, non-secure embedded content can create errors. Also, some certificates have been blacklisted by browsers because of past issues.

Here at One Wheel Marketing, your SSL certificate comes standard with every Squarespace website design. SSL stands for Secure Sockets Layer, which creates a secure bond between your website server and the viewer’s computer.

There are three main types of SSL certificates including organization validation, domain validation, and extended validation. The best certificate depends on your type of website. Domain validation certificates are for pages that are connected to a domain registry, like WordPress. Organization validation certificates are investigated before granting to validate information about legitimate business information. It validates large organizations and businesses and the information about them. Extended validation is the most secure certificate a business or organization can get. They are used for many online shopping websites to provide secure transactions. Search engines do not show which SSL certificate the website has, but providing that information could build even more trust between you and your viewers.

Is there a way to make it more secure?

Yes, there is! Another layer to add on to SSL is HSTS, which stands for HTTP Strict Transport Security. HSTS adds to SSL by taking the browser only to the secured version of your website. If a customer has visited your website before, it will automatically direct them back to your website when they type in your URL. This way, if anyone tries to copy your website with the same URL, just unsecured, your customer won’t fall into the trap set up by the hacker. They will be automatically redirected to your secured site they’ve been on before. Squarespace offers this feature to any website with an SSL certificate with them.

Whether you’re just making a website or want to build consumer trust, securing your website has many benefits and builds credibility. If you are ready to secure your website, we’re ready to help. We know websites and want to help you build your best website ever.