Google marking things unsafe 1

Google and Firefox decide "everything" is unsafe

We have been warning you since early 2016 that SSL security and HTTPS encryption was a must. The day has now come where Google and Firefox are marking websites as unsafe if you do not have an HTTPS encryption. emyspot has given you all the tools to ensure that your website is secure and displays as safe when you have subscribed to the domain name subscription and the pack SSL. And we strongly encourage you to invest as changes are coming fast and hard.

Google and Firefox plan to mark all HTTP pages as insecure. The two web giants have decided to go a step further and warn users about data security and privacy issues, which in itself is a great initiative and informs users that entering information on websites that are a simple HTTP connection does not protect information from getting to a third party. It is now clear that your data exchanged on HTTP websites is not secure! This is extremely important to warn users, but can negatively impact websites that do not have HTTPS and may not even need it.

Examples of data exchanges are names, passwords, emails, credit card numbers, or account information.

Google feels that when there is no data security, the browser should explicitly display that, so users can make informed decisions about how to interact with it... and this idea has been in the works since 2014. So if you do not have an SSL connection your site will be perceived as unsafe by your users, and your website may be shamed for it by users and by the Firefox and Google search engines.

To be honest not all websites need an SSL secure connection, and in reality a Google audit shows that 79 of the web’s top 100 non-Google sites don’t use HTTPS by default, or offer none at alI! If your website is simple clear text, with some images then HTTPS is not always a feasible affordable option. As soon as your website exchanges or asks for data from a website user then you should strongly consider getting HTTPS.

So now not only are websites being marked as unsafe, but Google and Firefox have gone a step further and added a security warning to logins or entry fields, as well as limiting the use of certain feautures. “It’s easy for sites to convince themselves that HTTPS is not worth the hassle,” says Willis from Google's HTTPS evangelist, “but if you stick with HTTP, you may find that the set of features available to your website will decline over time.” For instance, saving passwords with Google passwords, or google maps geolocation API can only be used over HTTPS.

Sites that haven’t updated to HTTPS are out of luck, and their user experience will suffer. This step towards informed security by Google and Firefox is gallant, yet for the webmaster's out there it adds an extra step to creating a successful website and being found on the web.

Https broken 1

Https broken

Https broken 3

So what should you do to ensure your website is marked as safe by Google and Firefox

Get an SSL certificate that will ensure that your website is displayed proudly as an HTTPS website. Sounds easy enough. Go here for more details about the Pack SSL at emyspot. Know that you will need to have a domain name in order to place an SSL certificate on your website. You will also need to ensure that all links and images are pointing to the https address and no longer referencing the HTTP address. This part of the process takes a little time, but the benefits of user confidence far outweigh the extra time it takes to change your website from HTTP to HTTPS.

Domain NamePRO

30£40$ year

Get an easy-to-remember address for your website, and manage your domain and emails right from your site manager, to complete your end-to-end online communications and marketing strategy.

Find out more

SSL : Give your site the power of https

40£ year

Ssl offer

Propose a secure connection with an SSL certificate, free installation, and the label https. Ensure the safe transfer of all information on your site. Not only will this advance your site's reputation but also advance your ranking on search engines. Take your site to the next level and get SSL.

More info

security firefox site perception SSL google

Comments

  • Safari Browser Tech Support
    If you are getting any issue with your web browser such as javascript error, browser add-on/extension problem, flash is not installed, browser antivirus toolbar like AVG. So, you can contact Mozilla Firefox Customer Support
  • John Pellow
    • 2. John Pellow On 05/06/2017
    Very fantastic and good news that google and firefox decide everything is unsafe.
  • michelle
    Yes Mary, it definitely does up your position in the search engines to have an SSL certificate, you are absolutely right.

    Brandon, we love having you here and we truly do care about our webmasters and hope to offer the best support and web features. This Google and Firefox update has rather harshly treated websites that don't need SSL protection, as honestly not all sites do. Hoping that you can expand and we are here to help. Just contact the support team and we will see what we can do.
  • Brandon McLean
    • 4. Brandon McLean On 23/03/2017
    IP doesn't save our passwords either. They haven't for a long time. We aren't looking to create a huge website so the price is a bit shocking when we don't need extra protection. This a hospital using your services and so it will probably grow into multiple clinics using this same type of website I created. Problem is I am paying this out of my pocket not my company. Once the ball gets rolling then our huge company is probably going to invest more as long as I can show what I can do with your site...
  • Mary-v
    Some of you guys don't realise that google sends more traffic to websites that have ssl certificate and also check other hosting providers how much they charge for a security certificate, it costs more with Godaddy and the support is crap.
  • michelle
    There is another workaround as well for your particular situation which is to switch browsers. Do not use Google or Firefox. While these are the two most oft-used browsers, there are many others like Vivaldi, Opera, Brave, or Edge.
  • michelle

    Unfortunately, the requirement of an SSL certificate is from Google and Firefox, this is not a requirement for making an awesome website just strongly recommended if your website visitors will be using Google and Firefox

    At emyspot the prices rest extremely competitive. While most other web hosting companies require a monthly payment we require a yearly payment. When transferring a domain name, you are not only hosted but have access to the emyspot website builder tool, therein is the added value. So while this cost may seem shocking all at once, when broken down to a monthly fee, it becomes not only affordable but less expensive than competing website builders.
  • Brandon McLean
    • 8. Brandon McLean On 21/03/2017
    There is a work around if your website doesn't have information that is personal. Like my website we just have information on how to run our clinic. There are no personal information, credit cards etc. We just run a informational website. We do have a password protection so we can keep the way we run our clinic personal. If we were to be hacked, they could do absolutely no damage since it is not information they would be able to use. Useless. If your website doesn't need the "https" there is a work around to disable to warning message so that it stops blocking your password save. Of course Emyspot didn't let me know about this since they are going to profit off of Google and Firefox's changes. This will save you $100.00 a year:

    Firefox disable Password Warning

    Open a new tab, paste about:config into the address bar and hit enter.

    If you see the “This Might Void Your Warranty” page, click the blue “I accept the risk!” button. Understand we are manually modifying Firefox’s default settings.

    In the Search box at the top, paste insecure_field_warning.contextual.enabled



    Double click the setting to change it to “false”, to disable Firefox’s insecure password warning.

    Done! Now when you visit pages with HTTP login forms, the warning will no longer appear.



    If you also want to restore autofill functionality, so that your saved login/password automatically populates in an HTTP form, keep the configuration page open and follow the next step.



    Optional. In the Search Box on the about:config page, paste signon.autofillForms.http



    Double click the setting to change it to “true,” this will enable autofill.
  • Brandon McLean
    • 9. Brandon McLean On 21/03/2017
    Wow. Now we have to pay another $70 a year on top of our $70 package for SSL and then another $40 a year because you have to switch your domain name over (usually $5.99 - $15.99 at other providers) on top of your package just so the website can save passwords.. Guess we will keep entering passwords.

    Rip off.

Show more comments

Add a comment