Google is increasingly proving that it is consistently moving towards marginalising sites that are not secured with SSL certificates. Since the I/O conference in 2014, the giant has been pursuing a strategy that aims to "encrypt the entire internet". This is about nothing less than increasing the security of the web and its users.

Emily Schechter, who is responsible for the security of the Chrome browser, wrote on her blog something like this: "Users should feel that the web is secure by default and that they will be warned of potential problems if necessary. The moment we start marking all HTTP sites as unsecure, we will have taken a big step towards security." And this is what is slowly becoming a reality.

What does an SSL certificate offer?

First of all secures the communication between the web browser and the serverThe security of the website you are currently browsing is ensured by a web browser. This security, in simple terms, consists in encrypting data sent e.g. via enquiry forms, contact forms, login forms, registration, ordering, etc... If the website is not secured with an SSL certificate, any data we send, e.g. via forms, flies in the net in open text, which means that they can be "overheard" and used.

Google aims to keep the number of such sites as low as possible. Some time ago there was information about better positioning by the search engine of sites which use the mentioned certificate. It partly brought an effect to the more aware owners of websites who care about the highest possible positions, but not enough. Google, taking advantage of the huge popularity of its Chrome browser, decided - and rightly so - that they would be more likely to convince site owners to secure their sites if very specific messages appeared in the browser warning them that the site was or was not properly secured.

If you now glance at the address bar in your browser you will see a message that my blog page is Safe:


However, if you open any page that does not have an SSL certificate this information looks like this:


You have a clear message that the page you are currently on is an Unsecured page, and this can create negative associations in many people, and your image and business will suffer if the page is of this nature. This message already appears in the latest versions of the browser. But it does not stop there. The browser in version 70, which is scheduled for release in October 2018 will show us an even more striking message than the one we can currently see. The message about the unsecured website will change to a red background and an exclamation mark will appear next to it. This form of presentation will probably not escape the attention of any visitor to an unsecured site. Perhaps it will look like this:

unprotected page - chrome 70

Nothing to add.

What does this practically mean for you and your website?

Nothing else but the need to invest in an SSL certificate. Otherwise Instead of attracting customers, your website will drive them awayAnd investments in, for example, Google Ads campaigns, SEO or other marketing activities will generate much lower conversion rates. In other words, you will be burning through your budget. Buying an SSL certificate is not a big expense. 59 PLN net per year or even 100 PLN net per year is not an amount that is not worth spending in order not to lose potential customers for the whole 12 months. Some hosting accounts As those recommended by me have in standard a certificate at no extra charge (RED and PURPLE plans) to other plans you can activate a certificate for the mentioned 59 PLN net per year.

Until recently, people for whom I created websites very often told me that they do not need a certificate, that their site is small and certainly (from their point of view) no one will break into it "because what for". Sometimes it is hard to convince the interlocutor that the purpose of hacking is not only to make a mess on the site, or extract valuable data from it. Usually the one who breaks in uses the hosting account "quietly" to attack other, perhaps more greedy morsels on the web. This often goes on for months without the slightest suspicion from the owner of the attacked site. However, we tend to prefer not to spend anything on our own website, so if we hear that we still need to buy a certificate, we often consider it an unnecessary expense, and some even think that operators and certificate providers want to extract money from them for nothing. In the case of website security and your own business, including its reputation, such thinking is unlikely to generate anything good.

I'm sure that all those who today ignore the need to purchase an SSL certificate, when they see a red alert on their site or worse learn about it from their own customers, will immediately invest in an SSL. Do not overlook the topic. If you have any questions, write.


See also

HTTP headers

HTTP and WordPress security headers

Using WordPress security headers, is one of the many safeguards you can support your site with. What many people appreciate about them is that they help

Free information on JZS news

I invite you to become a subscriber! Thousands of readers already subscribe to news from JZS.

You can unsubscribe at any time. Your address is safe here.

Featured LifeTime Offers!

WooFunnels ltd

Sales funnel builder for WooCommerce and automation processes in one.

PayForm lifetime offer

Generate quick payment forms. You can increase your conversions with this tool!


Create your own online course platform using the Courseware plugin

One Comment

  1. I used to have a certificate and then didn't renew it, but I guess I'll have to revisit the subject. The only thing that scares me is the installation, because I remember that it was not easy.

Leave a Reply

Your email address will not be published. Required fields are marked *