Why You (and Google) Want a Green Padlock On Your Website
The internet has been called the information highway for many years. Recently, Google (aka the Ministry of Highways) has decided to make (what you could call the equivalent of) seat belts mandatory on the information highway, to increase the safety of all who use it. How are they doing that? Well, they are making the green padlock a requirement on websites.
The green padlock is also technically known as an SSL Certificate. The job of the green padlock is to show website visitors that the information they enter into a website will be securely sent to the owner of that website and not to anyone else. For example, Facebook always has a green padlock. Your online banking will have a green padlock. Any online shopping sites like Amazon will have a green padlock. This will keep the sensitive information being sent between the visitor and the website protected from other people who would like to intercept that information (like a credit card number, password or an email address) during the time it gets sent to the website owner.
Ok, so your website isn’t a multi-national bank, it isn’t Facebook and you may not even sell anything on your website. So why does Google want every website to have a green padlock now? Google doesn’t want to send people to websites that are insecure, because anyone that visits an insecure site could have their personal information compromised. Of course Google wants to show your site in the results of a search where you are relevant and can help people. In fact, Google has said in the past that having a green padlock gives websites a little boost in their search engine results . Google wants everyone to have a safe experience on the internet. Because of that Google doesn’t want to promote websites in search results that may be dangerous for the visitors (and in turn reflect poorly on Google as a reliable search engine).
Google announced that by the end of 2017 they would start showing warnings on websites (via the Chrome browser) to visitors if the page wasn’t secured with a green padlock. These warnings would be shown if there is anywhere that someone can enter text like a contact form or search form. This can be scary for your visitors and quickly erode trust. Google said that they plan to show this warning to any page that doesn’t have the green padlock in the future (regardless of whether there are any text entry areas).
So, what can you do to build trust with your website visitors and Google? Get a green padlock (SSL Certificate) installed on your website! Getting a certificate isn’t terribly difficult, but the easiest place to start is with your website host. Check to see if they offer SSL certificates and if they will install them for you.
My preferred web host is Flywheel (affiliate link) and they have an easy way to add an SSL cert to your website. In your Flywheel dashboard go to the ‘Add Ons’ tab and activate the SSL Certificate. You’ll need to fill in a few bits of information and then you can activate it. To ensure that visitors can only access the green padlock versions of your pages, head to the ‘Advanced’ tab in your Flywheel dashboard and enable ‘Force HTTPS’. This is an important step because otherwise links that currently exist to your website without the green padlock can still be found by your visitors.
It will take a few minutes, but then your site will have a green padlock (in most cases). Now a few pages may not have the green padlock, and you will need to do a bit of detective work to see what is still being loaded without the green padlock (i.e. without https). This can be done with Chrome’s web inspector but another way is with a bit of software called ‘SSL Insecure Content Fixer’. Get this installed on your website and make any adjustments to the settings that you need, for example make sure the ‘Content’ button is enabled and then see if the insecure content error is still shown.
Since the green padlock changes the address of your site from http://mywebsite.com to https://mywebsite.com you need to be sure to add the new https version of your website and a new xml sitemap to Google Search Console or have your website administrator do it for you.
It’s important to note, that while a green padlock keeps your visitor information protected, it does not mean that your website cannot get hacked. Hacking comes from different types of problems. For more information on how to keep your website secure, please read our article on how to keep your website secure. Our Care Plans are designed to help with all these potential problems!
Have a question about any of this or would you like our help getting an SSL Certificate setup on your website? Be sure to contact us and we’ll help you out.