Google Search Console Alerts & Chrome Security Warnings for HTTP URLs

Matt Crowley - August 18, 2017

Last night (8/17/17), Google sent out a large number of emails that look like the following. These notifications were distributed to the email list tied to Google Search Console accounts that may be impacted by new security warnings in the Chrome browser. In this post, we’ll briefly address what this means and what you should do about it.

If you received one of these emails, they are intended to notify you that Google will show a “Not Secure” warning to any of your website’s visitors that browse the site using Google Chrome. These security warnings will trigger in Chrome if:

• Any page on your website contains a form field (any form field) and is served to a user over an HTTP connection. This will impact most websites, as your website likely has a form field for email capture, contacting your organization, or even performing an internal site search.
• Any page on your website, with or without a form, is served to a user over an HTTP connection while the user is browsing in Incognito mode.

The following two screenshots highlight the specific warning that will be shown within the Chrome browser:

Google has continued to make it clear that they want all websites to be served over an HTTPS connection, and have stated explicitly that “The new warning is part of a long term plan to mark all pages served over HTTP as ‘not secure.’”

In order to avoid these warnings, websites will need to move from HTTP to HTTPS. However, it is important to note that there are many considerations that should be accounted for when making this transition. Considerations include web development time and knowledge, costs that may be incurred, and SEO (making sure that you don’t lose organic rankings and traffic during the move).

If you will be making this transition, we highly recommend reaching out to MoreVisibility to begin discussing best practices for the transition and how we can help.