Welcome to WebmasterWorld Guest from 54.227.48.147

Forum Moderators: open

Featured Home Page Discussion

Chrome 68 will mark all HTTP sites "not secure"

     
8:51 pm on Feb 8, 2018 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 25, 2005
posts:1671
votes: 239


For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.
Source: A secure web is here to stay [security.googleblog.com]

No surprise here, of course. For those still on HTTP, you are now a minority [httparchive.org] (at least in the Alexa Top 1M).

A decent checklist for moving to HTTPS can be found here: HTTP to HTTPS: An SEO’s guide to securing a website [searchengineland.com]
10:12 am on Feb 13, 2018 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 25, 2005
posts:1671
votes: 239


Looks like Cloudflare has a feature called "Automatic HTTPS Rewrites" that avoids mixed content and presumably also rewrites internal URLs from HTTP to HTTPS. Not a bad offering, but again you'd come to depend on them and their connection with your server remains insecure.
This 31 message thread spans 2 pages: 31