On Tuesday Google rolled out the previously announced update to its Chrome browser which means that sites using http rather than the more secure https are marked non secure.
Many high profile sites have been affected including the huge news site MailOnline, and Sky Sports:
and other household names such as top retailers Argos and ASOS, as well as government, academic and utility sites.
The website Why No HTTPS launched by security researcher Troy Hunt, lists the world’s top 100 websites, also broken down by country, which haven’t yet switched over to HTTPS. Hunt says this represents 20% of the world’s 502 largest websites.
Google has long been encouraging webmasters to change to HTTPS as a standard, with the encryption in HTTPS affording higher security in serving web pages. This change was announced back in February, allowing webmasters time to make the switch. However, hefty sites with a large infrastructure may need more time to implement this.
HTTP sites are no less secure than they were before the Chrome change, they're just being marked as less secure than those which are using HTTPS.
In further planned updates, Chrome 69 due in September will drop the Secure marking, treating this as the default position. In October with Chrome 70, red 'Not secure' warnings will be displayed for HTTP pages.
For help in switching to HTTPS see our Essential Guide to Migrating your Website to HTTPS.
