Maybe you got this letter from Google warning you that come October 1, 2017, your website visitors who are using Chrome browser (58% of market) will see a warning that your website is not secure on any page that has an input form. This can be an email subscription form, a Contact form or even your checkout.
This warning sounds scary. Google is adamant, it wants searchers to find the right content they are seeking and to have a positive experience once they find it. Delivering the level of website visitor satisfaction that Google wants is good for your business. Here’s what this letter means and what you need to do about it.
How important is this?
Your site has done just fine without an SSL, your checkout is actually secure, how important is it that you handle this issue now? Won’t it cost you money? It is important for you to secure your site. If you are using lead forms or selling product, it can be critically important.
One of the biggest determining factors as to whether or not someone will buy on your website is how trustworthy your site appears. “Appears” being the operative word. Site visitors don’t really know how secure or trustworthy your site and business are. They do know whether or not your site looks trustworthy or sketchy. Your sales will suffer dramatically if your site doesn’t give every impression it’s secure.
In addition the SSL does make a difference in your search rankings and is considered to be an SEO factor, though historically a minor factor. There is every reason to believe Google is favoring secure websites. Since this is an easy and low-cost change, we recommend it for SEO reasons as well.
Most of the hosted shopping cart and website hosting companies are aware of this new requirement for SSL. The better companies are offering a basic SSL certificate for free. There are often other minor costs involved and some sites need more than a basic, shared SSL certificate. However, most small businesses can make this change for very little cost.
Your website needs a Secure Socket Layer (SSL) certificate now
Otherwise your site visitors, and most importantly those who want to do business with you, may see this warning:You probably don’t want your customers to see this warning. If you’re selling products and collecting credit card information you do not want any indication that your site is not safe and secure. The lack of an SSL is already visible in Firefox, sans the warning popup. See this green lock? That means this page is secure.
While most (Software as a Service – also known as a hosted platform) SAAS shopping cart software, such as BigCommerce or Shopify, secure the checkout process on all accounts, this is not the same as having your entire site secure. If you’re using a payment gateway plug-in such as PayPal, Amazon Pay, or Stripe, the payment collection process is secure already, but that doesn’t mean your site is locked down.
Additionally, the checkout process for checkout may only be secure if it takes the customer off your domain. For example, while the customer is browsing your website, they are on https://YourSite.com. If your entire site isn’t on the same SSL, your checkout may look more like this: https://X48BeC.mybigcommerce.com. If your customer notices this change, it may confuse them, or worse cause them to leave. Keep in mind that when your checkout is the only secured section, your contact forms and email subscription forms are not secured and may be subject to a “not secure” warning.
Sounds Simple. Is it?
Sort of. Purchase an SSL certificate and add it to your website. In some cases, your site host or shopping cart software may provide a basic SSL for free. If you use a Content Distribution Network (CDN), they may also offer a free SSL. Just flip a switch and it’s done. Or is it? Sometimes, yes.
More often than not, no.
Your site can still be accessed as a non-secure site. Try it now. You can access your website with either http://Yoursite.com or https://Yoursite.com. Google will see this as two sites. That can create a duplicate content problem, which will hurt your search engine visibility. In addition, your customers may not realize your site is secured.
Google needs to be told your site is secure and non-secure pages need to redirect to the secure version of your website. Canonical links need to tell search engine crawlers which version of the page is the original or “primary” page that should be indexed.
You may need to change your fetch URLS for both search engine crawling and advertising accounts.
Your SSL certificate may not cover all your content
Lastly all of your website resources must be secured under your SSL. If you have images hosted off-site, they may not be secure and may cause your page to display a “not secure” warning even though all your customer information gathering is actually secured.
If your shopping cart and blog are hosted separately, for example your blog may be hosted on WordPress but your shopping cart software is on SAAS, you will almost always have a separate domain or sub-domain for your blog. While it is not required for your blog to be secure, it will still be at risk for warnings if there’s an email gathering or contact form on it (and there should be both). Your best bet is to secure this too.
If you several sub-domains or even multiple sites under your control, you may need more than the basic SSL certificate.
Getting it right
If you have some technical knowledge, you may be able to handle this on your own. Just make sure you address all the issues above and be sure you haven’t created new problems with the change.
Alternatively, you can have your web developer do it. Just be sure they are aware of all the points that need to be addressed that are listed above. Most web developers are not marketing or SEO savvy and as a result, may not touch on all the finer details that need to be addressed when adding an SSL to your website.
Redline Minds is making this easy and painless
Redline Minds is offering a SSL Installation Service promotion right now. We’ll do it right for $199 plus the cost (if any) of the SSL certificate. Let us remove this stress from your calendar and make sure your site is secure for your customers.