WP Engine [an excellent website host I’ve recommended in the past] sent this to their newsletter list earlier in July.
It’s one of the most straight forward I’ve seen that essentially says, if you don’t have https before your website, Chrome is going to start labeling you as NOT SECURE loud and clear to all visitors. Many other browsers have already begun or will do this soon also.
You don’t want your site seen as insecure. You will lose traffic, lose customers, and potentially be targeted for hacking.
We’ve written posts in the past about how important SSL is, and methods for how to get a certificate for free, which is largely accepted now as common practice, but the work afterwards of implementing and updating an existing site is where most website owners struggle.
That is where the actual work comes in when configuring an SSL, making it work with your site on all pages and with all elements, ensuring that “lock” icon that shows on most browsers.
Take heed, if you don’t have an SSL, and your site is not loading over HTTPS, now is the time to act!
Another item you may have started receiving emails about is TLS.
If you’re using a website host that is generally reactive and not proactive about your website, you may have some issues receiving payments on your site due to this TLS update soon.
Essentially, an older version of what’s used to secure transactional data is being retired, and if your current website host isn’t using the newer forced version, 1.2 or above, your plugin, code, API key, whatever you use for sending that data around, will begin to fail.
Most commonly this is going to show up in your PayPal plugins and Stripe Plugins [because those are the most popular] that you haven’t updated in months or years.
The fix? It can be a painful one, it involves contacting your host and asking them to update your server environment, or having someone do it on your behalf. IT Arsenal recently ran into this for a client using Gravity Forms, Stripe, and the website host Site5.
How can you check what version of TLS you’re using?
Download this WordPress plugin and run it [it’s outdated but still works as of now].
You can also click the lock on your browser and inspect the certificate, it might not explicitly use the letters TLS but it will tell you what encryption is involved and you can do some Googling from there.
If you have questions about SSL, or TLS, or anything technical for your website, we’d be happy to answer them.
-> Drop us a note, make a comment below or hire us to get your site updated and switched over!