Plexus on Facebook Plexus on Twitter

Websites powered by 08697 buns since 1995chelsea

 

Google Chrome and SSL

Posted on

Google have recently been sending emails out to anyone registered on their Webmaster Tools system alerting them to upcoming changes to their Chrome browser.

If you've received one, it will have been titled something like
"Chrome will show security warnings on http://www.plexusmedia.co.uk".

These are genuine emails, if a little bit over-scary.

To understand what's happening here you need to know a little about SSL and HTTPS. If your website just has http:// at the front of its URL, that means any data transmitted between your visitor and your website is done in plain text. So if for instance you have a search box on your site and your visitor types "gateaux" into it, the word "gateaux" is sent across the internet to your website, and in theory could be seen by someone intercepting the traffic between the two devices.

If you have an SSL certificate for your website, then your address will be prefixed with https:// instead of http:// and will have a padlock in the address bar in most browsers. In this case, instead of "gateaux" being transmitted, the traffic is all encrypted, so if someone intercepts the data all they'll see is jumbled gibberish.

None of our clients' websites take credit card details - those which do accept orders pass visitors onto encrypted systems like Paypal and Sagepay for this - so financial data isn't at risk in this case. There are other risks though - your admin password, or if you take orders then perhaps your clients' home phone number and email address are being transmitted over http:// and so could theoretically be intercepted.

In practice the likelyhood of someone intercepting traffic between your visitor and your website is pretty small, but it's not zero. If your visitor uses an unencrypted WiFi network, or someone at their ISP or your web hosting service decides to snoop, then it could happen.

An SSL certificate will probably cost you around £50 per annum, along with a bit of our time as an initial cost in setting it up. It's your decision as to whether you want to do this or not. It's not impossible that some of your clients might be worried by the warnings that Google Chrome (and other browsers) show on your site and decide to go elsewhere. Or people in general may become blind to these warnings and pay them little attention.

This probably isn't a decision you need to take in a hurry though. Even once Google Chrome starts showing these warnings, yours will be one of millions of websites with them.

Nevertheless, SSL is a good thing - if you feel you can afford it you should probably go for it.

Testimonials

The site has great functionality and we have the ability to update and add content ourselves whenever we want. I would have no hesitation in recommending Plexus to anyone; their knowledge, service and enthusiasm is second to none. Read More...

Plexus Media Ltd, 2 Bank Street, Cromarty, Ross-Shire, Scotland IV11 8UY

Tel 01381 600818