On 8 Feb 2018, Google made clear its intent to formally mark websites lacking SSL as “insecure”. In other words, the site would be reflected as insecure in the browser address bar (Chrome) and also within Google generated dearch results.

Google confirmed a date of “early July 2018” as the start date although we still see no apparent activation of this policy yet. They have also disclosed how they will alert web surfers of the non-HTTPS status of such sites. Websites that remain on the non-secure protocol will be flagged with a warning in the URL bar of the surfer’s browser. We are unsure, at this stage, whether it will also be colour-coded red, which may put some people off visiting such a site (regardless of the fact it may be perfectly safe to do so).

But It is relatively safe to assume that a security warning on a website could lead to drastic fallout, including an increased bounce rate, less time spent by a user on the website and other factors – all which could eventually penalise a site’s ranking in the Google world.

Whilst we are not in a position to comment on the validity of any of this concern raised in various forums, it’s worth pointing out that, if we are hosting a domain and the nameservers are pointing to us correctly, we will be able to install Let’s Encrypt SSL certificates free of charge – including validity for any subdomains that may also exist on that account. Don’t panic, in other words – we have you covered.