This is REALLY important if you run a WordPress e-commerce shop.
Today, Google updated Chrome to version 56 (and Firefox to 51). They both display a “Not secured” message to every website that collects passwords and credit cards but doesn’t have HTTPS (or as you may have heard it called – an SSL Certificate). It looks like this in Chrome:
The idea is for Chrome to display a warning sign on any page which collects and stores passwords and credit card info that doesn’t have an SSL certificate aka HTTPS protocol. And that’s just the beginning. In the coming year, “Not secure” will be displayed on any website which doesn’t have HTTPS (SSL Certificate).
You’ll probably first see this at the WordPress login page. Because it has a password field, Chrome will look for HTTPS (SSL Certificate). If it doesn’t find one it’ll show the “Not secure” warning.
How do I fix this?
1. Ask your hosting provider for an SSL certificate
Here’s a list of quick links to popular hosts and their SSL certificate
GoDaddy SSL Certificate. Cheapest is £43.99/year.
Blue host SSL Certificate. Be careful: the “self-signed certificate” option they offer won’t work.
Hostgator. It’s messy. Chat with their support and ask how to get a certificate, or how to install one you already have.
eHost. You can buy one directly from eHost or install your own.
Siteground. They let you install an SSL certificate from Let’s Encrypt.
A2 hosting. There’s a quick way to install an SSL certificate from Let’s Encrypt, just contact A2 support.
2. Don’t feel like paying? Get an SSL certificate at Let’s Encrypt.
Depending on your host, you might be able to a install an SSL Certificate you got from somewhere else. We recommend you get one from Let’s Encrypt. It’s a free and trusted place to get a proper SSL certificate. You can also search for other internet authorities which issue SSL certificates.
What about Themes Kingdom Managed?
You’re all set. You automatically get an SSL certificate with Themes Kingdom Managed and we handle everything. So, you don’t have to do anything or worry about anything.
Why is this important?
Well, as Google explains it:
- Intruders both malignant and benign exploit every unprotected resource between your websites and users.
- Many intruders look at aggregate behaviors to identify your users.
- HTTPS doesn’t just block misuse of your website. It’s also a requirement for many cutting-edge features and an enabling technology for app-like capabilities such as service workers.
Finally, here’s a half-hour explaining exactly what HTTPS and SSL Certificates are, and why they’re super important.