HTTP "Site Not Secure" Labeling and Ranking Impact- Continued

As reported last year with the roll out of Chrome 62, Google was expected to ramp up their negative ranking impact on non-HTTPS websites, and expected to include some degree of "not secure" labeling of these sites that haven't yet had the data-encrypting SSL security installed (indicated by HTTPS). Most likely, these two impacts are integral, such that if the labeling is severe enough, it has Google's intended impact on bouncing traffic and therefore the site ranking, or Google might additionally just add the ranking impact to their algorithms for directly applying a ranking 'penalty' the site. Whatever their approach ... it's coming from Google's emphasis on improving browsing security, just as they have focused on mobile responsiveness and mobile speed, increasing ranking factor intensity for both.

And as we can expect from Google, we can't quite know exactly what to expect from Google, but as they announce a transition, we can expect .... something ... either suddenly or gradually. In this case, the "non-secure" impact has been gradual, and appears to quickly be ramping up.

Beginning last Fall with the roll-out of Chrome 62, you may have noticed, if you haven't migrated to HTTPS with an SSL security certificate (not just on your commerce/shopping pages, but your whole site), you have an "i" applied to your URL in the Chrome browser. This is the subtly ominous absence of the "lock" symbol we have become accustomed to equating with safe browsing.

Have you clicked on that little "i"? If you (or your visitors) do, you'll see the beginning of Google's transition to "not secure" labeling ... a message of caution that the site has not been secured with SSL for safe, data-encrypted browsing. Is this a Google search ranking impact? Yes ... to the degree that is causes cautiously bouncing traffic.

And now? you may have noticed on an infrequent basis (with the screen capture at right actually taken October 2017, but increasingly in 2018), some bold pop ups dramatically announcing that your connection "is not private" upon entering this non-HTTPS site. Because these warnings have not yet been completely consistent across all non-secure sites with every visit, you may have thought it was a virus or fake-news pop-up, etc. It's likely part of the transition, starting to prep internet users for a more consistent "not private", "not secure" message for every non-HTTPS site.

What next? "Not Secure" is expected to be much more prominent in Chrome Browser this July.

What do you do about it?

1. If you don't have HTTPS in front of your website address, check with your host. You may already have an SSL certificate included in your hosting package, but it's not turned on. This is very common. If it's included, ask your host and/or web master if they can apply the certificate and complete your HTTPS transition.
2. If your host or web master doesn't know how to complete an HTTPS transition (after applying SSL certificate), search the service, and let me know if you need help. HTTPS migration includes changing some admin settings in your site, and some redirects (from HTTP to HTTPS), as well as re-submitting a sitemap to search engines, and few other tweaks for assurance.
3. If you need both an SSL certificate and the HTTPS migration, search your options for SSL (not provided in your host agreement), and again let me know if you need any assistance, input, or would like a quote on an HTTPS migration package.

As with most major algorithm and browsing-experience changes from Google Chrome, the HTTPS migration is a reflection of growth and changes in the global experience of internet use ... such as previously the rapid migration to mobile browsing, the following demand for fast mobile browsing, and now the increased sensitivity to safe browsing with "fake news" and harmful sites becoming increasingly "normal" and "safe" looking.