Beginning in July 2018 with the release of Google Chrome 68, Chrome will mark all HTTP sites as “not secure“.
This is according to Google’s official statement from February 8th, 2018.
What’s the difference between HTTP and HTTPS?
To keep it short, the HyperText Transfer Protocol (HTTP) sends data between the website (server) and website visitor in clear text which can be easily monitored and/or tampered with.
HTTPS is HyperText Transfer Protocol Secure. Nothing really changes for most people, you simply have to type an extra S.
Websites that go through the HTTPS protocol are encrypted, which makes them less susceptible to certain types of hacks. Think of all the times when you use public Wi-Fi networks to access non-secure websites.
With HTTPS, even if someone malicious is monitoring network traffic and gets between the sender and the recipient of traffic, they would still not be able to decipher the content.
Should I really care about using HTTPS?
The short answer is YES.
A really good article about why you should care about HTTPS was written by Chris Hoffman for How-To Geek.
Even worse, HTTP allows your Internet service provider to tamper with the web pages you’re visiting, if they want. They could add content to the web page, modify the page, or even remove things. For example, ISPs could use this method to inject more advertisements into web pages you visit. Comcast already injects warnings about its bandwidth cap, and Verizon has injected a supercookie used for tracking ads. HTTPS prevents ISPs and anyone else running a network from tampering with web pages like this.
Hotel Websites and HTTPS Adoption Rates
According to Google, over 68% of Chrome traffic on both Android and Windows is now protected. But what about hotel websites?
I would like to share some stats that haven’t been included in The Current State of Hotel Websites (September 2017) report.
Here’s what I came up with after analyzing over 1 million websites in the lodging industry (hotels, motels, bed and breakfasts, resorts, campings, etc.) from all around the world.
Only 22.47% of lodging websites (all types of accommodation) are using SSL/HTTPS
Israel is leading the chart with an impressive 45.3% HTTPS adoption rate (949 out of 2095 lodging websites).
Serbia, Poland, Czech Republic, South Korea and Turkey are at the bottom of the chart with less than 11% of lodging websites being secured with HTTPS.
You Might be Losing Customers
Hotels and other accommodation websites deal with sensitive customer information. Even if you think that you’re not a target for hackers and other malicious individuals, you shouldn’t assume the same about your guests.
What do you think that happens when a potential guests comes to your hotel’s website and sees a “Not Secure” warning? Some might not notice it, some might not care about it, but some most definitely will move to a competitor’s website.
In less than 5 months from now Google will make an even bigger issue out of this, so there’s really no reason to ignore it any longer.
How to Switch a Website to HTTPS for Free?
I know that many people are discouraged by the price of a SSL certificate, especially when some of the providers charge up to $500 per year.
Thankfully there’s a great free alternative: Let’s Encrypt.
Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
There is a list of hosting providers that support Let’s Encrypt available, so check it to see if your hosting provider is there. If it’s not then considering getting yourself a new hosting provider.
Need Help Switching to HTTPS?
Feel free to get in touch if you need help upgrading your website from HTTP to HTTPS, while minimizing website downtime and decrease of ranking in search engines.