Google strengthens security policy on sites with forms

Earlier this year, in an article titled SSL - an important change in the Google Chrome browser, we reported on the changes Google has made to its browser aimed at stigmatizing online stores, portals and websites that do not have SSL certificates despite the processing of information such as username and password in their formularies.

We thought such a step was very appropriate as we have been telling customers for years that it is worth investing in tools that improve the safety of their users.

By the other hand, what's happening now is that Google will display a prompt about the lack of SSL wherever a user submits any data via a form. 

The content of the announcement and an explanation below.

Fragment of Google's announcement

"Starting in October 2017, when a user enters text in a form on an HTTP page, Chrome (version 62) will display a warning that the site is DANGEROUS. The warning will also appear on all pages in incognito mode.

If the URLs on your site contain fields in which users enter data (like < input type="text" > lub < input type="email" >). Chrome will display a new warning on these pages.

(...)

The new warning is part of a long-term plan to label all sites that support the encryption-free HTTP protocol as unsafe.

To avoid showing Chrome users that a page is unsafe, move input fields to pages that support HTTPS." 

What does it mean?

This means that any site that has even the simplest contact form, search engine or newsletter sign-up form according to Google should have an SSL certificate installed on the server, encrypting the data sent between the user's browser and the server.

In the absence of an SSL certificate, the address of such a site will be marked as DANGEROUS.

Not sure how to switch to HTTPS?

If you need technical support related to SSL certificate implementation and HTTPS transition, please contact us.

Don't delay - the announced change goes into effect on October 1st, 2017.

Knowledge that we are willing to share!