HTTP has had its day

Written by:
by Lucie Sadler
Date Posted:
16 February 2018
New Tech

Google is cracking down on HTTP sites. Finally.

Crack down
It’s been a lengthy process. Back in 2015, Google announced that plain HTTP URLs would be down ranked in search results to favour more secure sites. And last year they started to label sites that took payment information or log in credentials without the HTTPS as ‘not secure’, as a warning to users.

Named and shamed

In July 2018 Google are finally releasing an update of Chrome where all HTTP sites will be named and shamed. So rather than wear the badge of shame, it’s now in the hands of the website owner to make their site secure. Or face the wrath of Google – though really shouldn’t these sites be temporarily banned until they adopted HTTPS, if they were taking security seriously?

Google said “Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default.”

Not all on board
More than 68% of Chrome traffic on Android and Windows is currently protected, and over 78% is protected on Chrome OS and Mac. Out of the top 100 sites on the internet, 81 are encrypted and using HTTPS. Surprisingly, some big sites such as the BBC apply it inconsistently. They use HTTPS for the homepages, but drop back to HTTP for content pages. Not the best practice.

Look for the padlock sign
In case you didn’t know why HTTPS is so important, it protects the channel between your browser and the website you’re visiting, making sure that no one in the middle can spy on what you’re doing. It’s super important for any sites that take payments or include sensitive information. Always look out for the little padlock at the top of your browser.

As Google offer a free to use security audit tool called LightHouse, developers can work out which website resources still load using insecure HTTP. Which is hella useful if you find yourself in a BBC situation.

Rating: 5.0. From 2 votes.
Please wait...

Leave a Reply

Be the First to Comment!

Notify of

Hyve are 100% carbon neutral. We use carbon offsetting to balance out the release of carbon dioxide from our offices and infrastructure.