With its latest update, Google Chrome 68 warns users about websites which are not protected by an SSL certificate. When hosting your website on sloppy.io you receive a Let’s Encrypt SSL certificate for free!
Google’s SSL policy
Chrome version 68 marks just another step in Google’s long-term approach of promoting SSL protection and demoting non-encrypted HTTP connections. In 2014, for example, the company increased the ranking for websites with SSL certifactes in its search engine.
So, with the new update, Google will highlight HTTPS websites with a green lock and warn of HTTP websites by calling them insecure. For future releases, Google has already announced that the Chrome browser will not highlight SSL certificates on websites anymore, taking HTTPS as the new standard.
SSL certificates for free
If you’re still running your website without an SSL certificate, even if you don’t handle sensitive data, you might have already suffered the consequences from downranking. Now every page of your website will be warned of and that will scare users away, thus increasing bounce rate.
In the past, buying an SSL certificate was a costly endeavour. The so-called Certification Authorities made a fortune in selling variations of SSL certificates with ever more shiny baubles attached. Want the whole address bar turn green? Sure, pay some 500 bucks more and you’re good. Browser companies were all to happy to oblige and indulge in this scheme.
Then came Let’s Encrypt. From the start, this new CA was built to make domain-validated SSL certificates widely available – without cost. Now funded by key players on the web, Let’s Encrypt has issued more than 100 million SSL certificates and keeps growing.
Automatically issued Let’s Encrypt SSL certificates
At sloppy.io, working with SSL protected connections has been our goal from the start. From testing environments in our *.sloppy.zone to live production and your own domain: All websites hosted at sloppy.io feature SSL protection, without additional cost.
To make use of a Let’s Encrypt SSL certifacte for your own domain, turn on the switch in the sloppy.io Web UI and that’s it! sloppy.io will handle the creation and renewal of your SSL certificate automatically.
Furthermore, with our load balancer settings, you can forward all HTTP requests with a 301 redirect to HTTPS. Also, by enabling HSTS you can protect your website against protocol downgrade attacks and cookie hijacking.
We want your websites to be safe, that’s why we’ve included these features in all of our plans. For further questions about Let’s Encrypt SSL certificates and SSL protection on sloppy.io, visit our Knowledge Base or contact our staff.
Featured image: CC BY 2.0, Blondinrikard Fröberg on Flickr