fbpx

Source: This article was published searchengineland.com By Barry Schwartz - Contributed by Member: Olivia Russell

In addition, Chrome will mark all HTTP websites as not secure.

Google announced it is making changes to how Chrome, their web browser, labels HTTPS and HTTP sites in the future. Starting in September 2018, Google will be removing the “Secure” wording and HTTPS scheme in Chrome version 69. Plus, in July 2018 in Chrome version 68, Chrome will mark all HTTP sites as “not secure”.

Here is how the Chrome treatment for HTTPS pages will change:

Then in October 2018 with Chrome version 70, Google will start showing the red “not secure” warning when users enter data on HTTP pages. Google said “previously, HTTP usage was too high to mark all HTTP pages with a strong red warning.” But the pendulum has swung to HTTPS, and now it feels comfortable going forward with this change.

Here is a GIF of this in action in Chrome 70 for HTTP pages with user input:

Categorized in Search Engine

On Friday, Google security team announced that they finished implementing HSTS support for all the company's products running on the google.com domain.

The move comes after months of testing to make sure the feature covered all the services, including APIs, not just the main Web interfaces.

HSTS stands for HTTP Strict Transport Security and is a Web security protocol supported by all of today's browsers and Web servers.

HSTS protects HTTPS against several SSL attacks

The technology allows webmasters to protect their service and their users against HTTPS downgrades, man-in-the-middle attacks, and cookie hijacking for HTTPS connections.

The protocol prevents users from going back to an HTTP connection when accessing Google over HTTPS, and forcibly redirects them to HTTPS connections when possible.

The technology is widely regarded as the best way to protect HTTPS connections against the most common attacks on SSL but has not been widely adopted.

95% of HTTPS websites still don't use HSTS

A study from Netcraft conducted last March showed that 95% of all servers running HTTPS either fail to set up HSTS or come with configuration errors. As such, Google's team has spent a great amount of time testing.

"Ordinarily, implementing HSTS is a relatively basic process," Google's Jay Brown, Sr. Technical Program Manager, explained on Friday. "However, due to Google's particular complexities, we needed to do some extra prep work that most other domains wouldn't have needed to do. For example, we had to address mixed content, bad HREFs, redirects to HTTP, and other issues like updating legacy services which could cause problems for users as they try to access our core domain."

During HSTS tests, Brown says that the team managed to break Google's famous Santa Tracker last December. The problem was fixed, but this only comes to show the wide spectrum of products the engineers had to ensure were working properly after HSTS deployment.

http://news.softpedia.com/news/google-adds-hsts-support-to-google-com-search-engine-506816.shtml

Categorized in Search Engine

Two years after Google announced HTTPS would become a ranking signal, Dr. Pete Meyers of Moz has put together a study with revealing new findings about the adoption rate of HTTPS since the announcement was made.

When Google made its official announcement regarding HTTPS, some were quick to make the transition, while others believed the effort wasn’t worth the potential reward. Some have avoiding transitioning to HTTPS because they believe there are possible risks associated with doing so.

Dr. Pete Meyers has put together the data which suggests Google is slowing but surely accomplishing its goal of having more HTTPS sites on the web. Here is a summary of his finding.

The Findings

Before Google’s HTTPS algorithm update, Moz’s data showed that only 7% of the pages featured on the first page of Google’s search results were HTTPS. A week later, that number rose to 8%.

Two years later, that number has multiplied to over 30%:

“As of late June, our tracking data shows that 32.5% (almost one-third) of page-1 Google results now use the “https:” protocol.”

The fact that the increase has been a gradual progression leads Dr. Meyers to believe it was not purely the result of algorithm updates alone. Rather, the increase in HTTPS sites on the first page of Google’s search results is an indication that Google’s PR campaign is working.

Dr. Meyers predicts than in a another 1–1.5 years we will 50% of first page search results being comprised of HTTPS sites. When this time comes, Dr. Meyers also predicts that Google will strengthen the ranking signal.

 

The Risks

Google has been downplaying the risks of migrating to HTTPS, Dr. Meyers argues, as there is risk associated with any kind of sitewide change to URLs.

Before migrating to HTTPS, it’s recommended that you weigh the time, money, and possible risk against receiving a minor algorithmic boost. With that being said it’s still difficult to convince website owners that converting to HTTPS is worth it.

Dr. Meyers’ final recommendation is, if you’re still not sold on HTTPS, then at least be aware of how many sites in your industry are making the switch. Stay alert for another HTTPS algorithm update which could be coming within a year’s time.

https://www.searchenginejournal.com/30-search-results-now-https-according-moz-study/167515/

Categorized in Search Engine

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media