We have bad news. Starting in October, the Google Chrome browser will display “Not Secure” errors for any site that doesn’t have an SSL certificate and https URLs.
What does that mean for your nonprofit?
If your site’s address looks like this:
Instead of like this:
people who visit your website and use a form through Google Chrome will notice an error message suggesting that your site isn’t secure, and they will be less likely to use your contact forms, email signup forms, and donation forms.
That’s some bad news! Especially considering other browsers probably aren’t far behind!
So what’s this all about?
That extra “s” on the end of https means that a website is delivered on a secure connection, thanks to a security certificate on the website’s hosting account.
For both you and your site visitors, this security certificate indicates that there’s a lower risk of being taken advantage of when data is transferred from one place to another, but it is especially important when applied to submitted form data: contact information, logins, email addresses, and donation forms.
Prepare for the Google Chrome Change
If your site isn’t already running on https, you’re going to want to fix that, pronto. Here’s how:
Contact your host to get an SSL Certificate
Of all of your technical support channels, your website host is best suited to address your questions about your site’s security and help you batten down the hatches.
For some hosts like DreamHost, this process is easy and fairly quick, but if your hosting is a little more complex, you may need to sift through a number of technical details before you can purchase an SSL certificate and apply it to your website.
Not sure where to start? Tell your host: “I want to get an SSL certificate to ensure that my website’s pages load from a secure url,” and they should be able to give you directions from there.
Not sure who your web host is? Type your URL into whoishostingthis.com to find out. You probably pay your host a monthly or annual fee to host your site, so you likely have documentation of your account somewhere.
Test your site
Once you have successfully implemented https URLs on your site, you need to thoroughly test the URLs.
Use https://www.ssllabs.com/ssltest/analyze.html to check your domain and make sure your SSL configuration is correct and optimized.
Don’t just test to make sure your home page loads! Use Chrome and make sure you click through your site to ensure that your paths to engagement work as smoothly as expected. Check a couple of other browsers besides Chrome to make sure those still respond correctly, too.
Finally, look through any recent email or marketing materials that you’ve shared through other channels to make sure that older links still work.
By taking the time to check your urls after your https updates, you’ll reduce the likelihood of your supporters finding any new issues before you do!
Prepare for increased complaints if you can’t get https
Ideally, you’ll be able to improve the security of your site before Chrome’s update is deployed, but if that’s not the case, more of your supporters may see “not secure” errors when using your site.
Make sure you’re prepared for their emails and phone calls by preparing a quick but informative statement. Every person on your team should have these details so that they can easily and quickly respond to your supporters. The more informed and prepared you are with your responses, the better you will foster trust and minimize stress for your supporters and your organization!
Frustrated with your host? Don’t know what to do next? Adding an SSL certificate to your site shouldn’t be stressful, and ideally, should be free! But if your host isn’t helping you out, we may be able to help for a (very) small fee. Get in touch.