UPDATE — JULY 24, 2018: Today Google began rolling out Chrome 68. Now, Google's browser will display a "Not Secure" warning next to the website in the address bar if the site is not secured with HTTPS. Many website owners are now wondering what does it mean when a site is not secure. Let's explore the change and what it actually means to website owners and marketers.
The internet. Such a beautiful thing. Yet, like a wild animal, it can sometimes be dangerous. If you’ve been online for even a short amount of time, you probably know that sometimes bad things can happen to good websites.
What does it mean when a site is not secure?
If you’re seeing the warning “Not Secure” in front of your domain name, you might think your site has been compromised. However, it may just be that your website’s security isn’t up to Google’s standards.
Sometime in July, Google will release the newest version of Chrome. As explained in this article on securing your website, any website accessed with this version of Chrome will display a “Not Secure” warning if it does not use a secure connection (HTTPS). This is part of Google’s initiative to make the web more secure.
If you’re seeing the Not Secure error, it likely means that your site doesn’t have an SSL certificate and is not using the HTTPS protocol. The notification does not mean that your site is compromised or not functioning correctly. For more information on the difference of websites with or without an SSL certificate in place, read our article HTTP vs. HTTPS.
FAQ about Google's not secure warning
Is SSL only for eCommerce sites?
It used to be that only websites that handle payments need SSLs. However, SSL encryption protects all information that passes through the browser to the server, including logins and passwords, and even web admin credentials. With Google’s announcement of the Not Secure warning, it doesn’t matter whether the site takes data. All websites need to use encryption by SSL to ensure secure transfer of information – sensitive or not.
Can I use a free SSL certificate?
As long as your hosting provider allows you to install them, yes, absolutely. Keep in mind that there are differences between free and paid SSL certificates. For GoDaddy hosting, you would be able to install free certificates on our VPS plans. It is also possible to install them on our cPanel Hosting plans.
Is this just Chrome or will Firefox and other browsers do this too?
Currently, only Google has officially announced this change to happen in July. We have not seen communications from other browsers such as Firefox or Safari. However, what we have seen in the past is that the browser community follows Google’s lead. A year ago, shortly after Google implemented the warning in Chrome on sites that have intake forms but no HTTPS, Firefox, IE, Safari all followed in Google’s footstep.
Does the Not Secure warning only affect GoDaddy websites?
No, Google Chrome will be marking all websites as not secure no matter where your site is hosted. You can get an SSL certificate from GoDaddy and on our Help Center you can find more information about how to download the SSL files and install the SSL as well.
I have multiple websites and cannot afford to buy that many SSL Certificates.
Customers with multiple websites can consider the multiple domains SSL certificate, also known and SANs (Subject Alternative Names) SSL Certificate. This type of certificate lets you buy a single SSL but can protect multiple websites. It saves money and time. You only need to manage one SSL for all your websites, not many.
How is GoDaddy’s SSL different from free SSL solutions?
The key differences between free and paid SSLs are customer support and range of certificates available. Most free SSLs are DIY solutions. This means you need to install and troubleshoot on your own. Because SSL is not easy for everyone, you could end up spending hours or days to get the SSL working properly.
GoDaddy not only provides 24/7 hands-on help, we also automatically install the certificate for you if your site is hosted with us. This saves customers a lot of time and hassle. We provide a full range of SSL certificates, depending on your website needs; you can always find the right certificate with us that comes with full support. Also, all certificates issued by GoDaddy offer up to one million USD in liability protection.
Why doesn’t GoDaddy offer free SSL with its Hosting services?
We believe in safe Internet and support every website to be secure. We include SSL in multiple hosting and website services. These products are GoDaddy's website builder, WordPress Hosting (select plans), and Web Hosting Plus products. In fact, our SSLs are fully integrated, so there is little to no work to install them. The minute you publish your site, SSL is enabled and your site protected. We’re working to integrate SSL in more hosting products.