Google Chrome and Firefox marking regular HTTP sites as insecure or otherwise alerting the user the connection is not encrypted has been in the works for a while. I never paid much attention to the proposal until noticing Chrome showing a little information alert icon next to regular HTTP pages instead of the usual globe icon.
For reference here are the icons:
Old globe icon.
New info icon for HTTP sites.
This is the standard green pad lock for HTTPS sites.
Eventually standard HTTP sites will have this icon.
As a webmaster it feels a bit heavy-handed. However moving over to SSL is a good idea in general. The more regular people are aware of secured vs unsecured sites the better off we all are in general.
You can get 100% valid and trusted SSL certificates for free these days from Let’s Encrypt. One of my hosts, MDD Hosting (affiliate link) includes a cPanel plugin to generate your own free Let’s Encrypt certificates for any domain or sub-domain hosted with them. It’s point and click simple. There’s no excuse not to do it.
Let’s secure every website and service we can with SSL certificates. What do you think about ‘warning’ people they’re browsing a standard HTTP site?
Our friends at Cloud Living have written up a great tutorial for migrating WordPress to SSL. It’s very easy to follow similar to the method I’ve used for multiple clients over the last 18 months. Do give it a read.