Google forces websites to use https

‘For equal opportunity, preference is given to a https site’

Consciously or unconsciously, you increasingly see the so-called ‘green locks’ appear in the browser’s address bar when visiting websites. That green lock doesn’t just appear. You have to do something for it. MelisGS also offers a fast and cost-effective service to make your website compliant with Google’s latest requirements for secure data transfer between web server and visitor.

SSL/TLS has the wind in its sails. Let’s Encrypt hopes to make https big and accessible, and Web sites are being motivated on all sides to use encryption. Until recently, it was common to buy such a so-called SSL (Secure Sockets Layer) only from Web shops. That certificate served as the basis for the secure https connection. The variations in and prices of those SSL certificates made making a choice very difficult. The most commonly used version only gives what is called ‘domain validation’. This means that the existence of http://domein.xxx is validated and thus receives the’green lock’. The most extensive version asks for proof of registration with the Chamber of Commerce in addition to domain validation, and certain documents must be signed. Next to the green lock icon, the company name then appears. In all cases, there is an excellent working encrypted and thus secure connection. For the vast majority, basic domain validation is more than sufficient. This also applies to web shops and websites with forms that require entering personal data.

Why do it?

As of Jan. 1, Google has changed. Adjusted its algorithms for rating websites. It is up to Google to do that without further consent and consultation. After all, they own the algorithm, and they adjust it as they deem necessary or desirable. For example, a few years it ago the algorithm was adjusted by “checking” whether a website also offers a mobile view (the so-called responsive design principle).

Meeting Google’s requirement, of course, does not guarantee a (much) higher rating compared to a similar website without a secure connection. The algorithm is too complex for that. The argument for doing it anyway is mainly to offer a secure connection. That gives the visitor a sense of trust.

Right now, Google puts the word ‘Secure’ by the green lock in the Google Chrome browser. But there are plans to also start putting the text ‘Not Secure’ in red at Websites that do not offer a secure connection. And that will be considered unpleasant for virtually every website owner, and not least for potential visitors.

What costs?

Meanwhile, the use of a secure connection is becoming so commonplace that the cost of a basic certificate has dropped to €17 per year. (No paperwork required, Mobile support, No green bar in the browser)

However, the installation of the certificate and further adjustments to the website do involve costs. For an average website, count on about an hour of work for installation and adjustment of the http links to https. The latter can be done in the vast majority of cases by means of a so-called script. In some cases, manual adjustments must be made. Depending on your hosting agreement, the http/https conversion will be done or not.