With the release of Chrome 56 (estimated for release January 31, 2017), Chrome will be tagging website pages with forms as “not secure” if they don’t have a valid security certificate.
If you’re not sure if your forms are secured, look at the address bar while on your website. If the address is preceded by a green lock icon and the word “Secure”, your site is already secured. However, if you see an icon with a lower case i in a circle the site is not secured. A site that displays both the “Secure” and the i icon is partly secured.
With the new Chrome release, the i icon will be replaced with the words “Not Secure” and probably look something like the image below.
To increase awareness and visibility. Any web page that collects information from a user should be secured. Without a security certificate there is increased risk of a website, and the information it collects, being compromised. This makes it easier for users to see if it’s safe to give their information to a website.
In 2014, Google announced it would be giving priority to to SSL enabled websites. This could seriously impact the rankings of any sites that are not secured.
As hackers and other online bad guys get more creative in their antics, it becomes more important to secure your website. It will probably become mandatory to have a security certificate in the not too distant future.
The “Not Secure” message is going to scare a lot of users. For your, and your users, piece of mind, you should seriously consider getting a security certificate.
You’ve been running WordPress (or any other online application) for years. You’ve never worried about doing updates, toughening up your password, or increasing your site security, and there have never been any problems. You’re fine, right?
Wrong… You’re just lucky.
You may not even be lucky. Some hacks can silently operate on your website and deliver malware to your users’ devices. This will get you blacklisted by search engines and blocked by anti-virus software, which will result in people seeing something like the image below when they try to go to your website.
Would you risk returning to a website if you saw this?
The fact is, if you are using an outdated online application, hackers will find you. It’s only a matter of time.
I’m not saying this to be alarmist, it’s just an unfortunate fact of life online. While WordPress, Joomla, and Drupal, are particularly targeted, due to their popularity, no program is immune. Applying updates when they are released, running regular backups, installing security, and using secure passwords are as important as locking your doors in a bad neighbourhood.
Unfortunately, too many people don’t realise the importance of maintaining their website security, aren’t sure how to tackle it, or they procrastinate.
If managing your site security seems daunting to you or you just don’t have the time, I offer a security maintenance packages that will take care of all that for you.
A while ago I had a couple of clients call me up, quite upset because their websites had been hacked. In both cases I had previously reminded them that their websites were overdue for security upgrades, which they had chosen to postpone. As it happened, both sites were also of a religious nature. The site owners were concerned that they had been targeted because of their site’s subject matter.
Given the climate around religion these days, I can understand their concern. When you invest a lot of time building up your site and content, it’s hard not to take it’s defacement personally. Hacking not only causes you stress and money, but it can impact your credibility with your users.
The one small bit of good news is, in most cases it has nothing to do with you personally, or your website. Unless you are a high profile target like a government or financial organization, chances are your website has been targeted because your content management system is either missing the latest security upgrades or has a vulnerable third party add-on.
Only a small portion of hacked websites are targeted because of who operates them or their content. The vast majority are hacked, simply because they can be.
A fair analogy would be a thief walking down a street trying all the front doors until they find an open one. That’s the house they’ll rob. They don’t know, or care, whose house it is. All they care is that the door is open. Hacks that resemble the example above are generally minor and the web equivalent of a “smash and grab”.
Regardless of the motivation of the hacker, it’s always a good idea to keep your website software up to date to prevent unwanted intrusions into your website. Hacking is stressful and it can sometimes be expensive to fix a hacked site.