Chrome users will soon say ‘fare-thee-well’ to the green padlock signaling secure sites. Google has announced that Chrome will eventually deprecate the green padlock, eventually opting for no symbol. The company feels it has won the https everywhere campaign, and that secure sites are now the norm, not the exception. True or not, the consequences could be dire for website owners who still don’t have https. Instead of highlighting secure sites, Google will bring more attention to insecure sites.
TLDR: Make Your Site Secure Already!
If you don’t have an SSL, now is the time. The key with this change is that there’s no exception. We can’t think an SSL doesn’t apply to us simply because we don’t get high traffic volumes, collect user data, sell online, etc. Google wants this to be a thing, and because of their market share, you have little choice but to comply.
Any hosting provider worth its salt will provide one for free at this point. I use BlueHost and stopped paying for the SSL more than a year ago.
SSL and WordPress
Adding an SSL to your WordPress website may not fully satisfy Chrome, Firefox, and the others. You may very well access your pages through https, but you don’t get the green padlock. Fear not, there are two plug-and-play plugins that will help you secure your site. I recommend these two plugins be used in tandem:
SSL Insecure Content Fixer: I’ve added my certificate to my domain with the help of my hosting provider. I navigate to my site, this time using https, and I don’t see the green padlock. What gives? Usually, in my cases, the images are causing issues. This is where the SSL Insecure Content Fixer comes into the mix. Once you install it, go to Settings > SSL Insecure Content. The plugin author recommends starting with the simple fix level, but I have always found that the content fix level or above must be selected for the site to be secure.
WordPress Force HTTPS: Let’s say you’ve stored your old url (http) in your browsing history and accidentally go there. What do you see? Did your WordPress website load with http or did it redirect to https? If it’s the former, you have an issue. Cue this plugin. It forces your visitors to access your website via https. And there’s nothing you have to do once you activate it.
If you like our jaded opinions, check out this one on the feckless nature of bar, number, and circle counters.