adNET Academy Blog

URGENT! Google Chrome “HTTPS By Default D-Day” Is Today! (July 24, 2018)

Written by Ryan Howarter | Jul 24, 2018 8:37:00 AM

Why the big hubbub over HTTPS?…

Because from now on, users who visit HTTP sites will be hit with a BIG WARNING from Google. This will happen to anyone using Google Chrome version 68.

Google warns that you should have been protecting your websites with HTTPS for a while now. And this isn’t just for confidential communications. You need HTTPS on all your sites.

Why?…

HTTPS Prevents Intruders And Security Vulnerabilities

You certainly don’t want people (criminals or otherwise) tampering with the communications between your site and your users’ browsers. These intruders can be hackers or legitimate companies like Internet Service Providers (ISPs) that inject ads into your web pages. Did you know that some of these advertisements can block the user and create security vulnerabilities on your site?

HTTPS Protects Your Users’ Privacy

Every unprotected HTTP request to your website can potentially reveal your visitors’ private information, such as their browsing behaviors and even their identities. Some intruders gather bits of information and compile it into user “profiles” to steal their identities.

HTTPS also keeps intruders from listening to communications between your website and your visitors. This means if you don’t use HTTPS and you have an online help desk service with VoIP, someone else other than your rep and your client may be listening.

Intruders can trick your visitors into providing their confidential information or installing malware into your website.  They can access and exploit unprotected images, cookies, scripts, HTML … and they can do this at any point along the network.

This means that your users’ machines, a clients’ Wi-Fi hotspot, etc., could be exploited and you’ll be to blame.

HTTPS Is Required For Progressive Web Applications (PWAs)

What are PWAs?  They use modern website capabilities to deliver app-like experiences to your users.

Google likes PWAs because they: 

  • Load instantly, even when your visitors use uncertain network conditions. This is because they “live” on the user’s home screen. They don’t need to go to an app store for them. PWAs can also re-engage your users with push notifications. You can control how the app is launched and appear on your site.
  • Respond fast and smoothly. Did you know that 53% of users leave a site if it takes longer than 3 seconds to load?
  • Are engaging and provide an immersive user experience. You can pre-cache resources so you’re not so dependent upon the network.  It gives your users a more reliable experience when browsing your site.

Google Says That HTTPS Is The Future

In addition to the security benefits of using HTTPS, there are commercial benefits as well.  Browsers and search bots prefer HTTPS sites. Your site will be easier for visitors to find.

Today’s new web platform features allow things like taking pictures, recording audio and new geolocation APIs (Application Program Interfaces). They essentially provide offline app experiences. HTTPS is a key component to the permission workflows for both new features and updating APIs.

And take note! Watch for HTTPS warnings from Microsoft, Apple and Mozilla. They’ll be coming soon.

Keep Google happy and your users safe. It’s not expensive to switch to HTTPS and it’s certainly worth doing!