News Courtesy of wpbeginner.com:
Do you want to get a free SSL certificate for your WordPress website? You need a SSL certificate to accept online payments and secure your website. Starting today, July 1st, 2018, Google Chrome will show all websites not using SSL as insecure. In this article, we will show you how to easily get a free SSL certificate for your WordPress website.
What is SSL?
SSL stands for Secure Sockets Layer. It is an internet protocol for securing data transfer between a user’s browser and the website they are visiting.
Every internet user transfers information when they visit websites. This information can often be sensitive like payment details, credit card information, or login credentials.
Using the normal HTTP protocol means this information can be hijacked by hackers. This is where SSL or HTTPS comes in.
Websites using SSL need a SSL certificate issued by one of the recognized certificate issuing authority. This certificate is verified and highlighted in user’s browser address bar with a padlock sign and HTTPS instead of HTTP.
I’ve been pretty adament in several blog posts over the last 6 months about this ‘doomsday’ Chrome update. I felt like chicken little screaming that the sky is falling but no one took me seriously. Now the time has come where Google could drastically affect user experience. Not through an SEO algorithm change, but their own browser. The majority of people won’t realize that they’ve been browsing http (not secure websites) for ages now. Those two little words in the address bar will bring that reality to light.
Last year, Chrome slowly began to implement the “Not Secure” message on non-https websites. Specifically, where a contact form was present. Now, no matter what page a user is on in Chrome 68, that message will be clearly visible. Thankfully, it isn’t as shocking as some predicted. There is no giant red x or stop sign next to the warning. I think that visual cue alone would have even made a bigger impact.
A lot of websites are claiming July 1st as the change for this policy. I have the Chrome 68 beta, but on my stable version, I haven’t received an update push yet. I have no doubt that it will roll out this month. There has certainly been ample notice for webmasters to get an SSL certificate. In fact, since my initial post on the subject back in November, CNN has finally installed an SSL certificate on their website. The influence Google has had with this SSL push has been pretty incredible to watch. Search results show much fewer http websites in the top pages than this time last year. I don’t believe it is due to a ranking issue, rather webmasters not wanting to risk losing visitors and opting to comply instead.
Over the next few years I expect http to become very much extinct. Let’s Encrypt allows websites to installed SSL for free. There really is no reason to not switch over. That little secure green padlock gives assurance to visitors that data submitted is encrypted and safe from sniffers.