| Table of Contents |
|---|
...
HTTP is the protocol used to transfer a websites data from one computer (the web server) to another (your web browser) over the Internet.
HTTPS is a secure or encrypted version of this protocol; Where the transfer of website data from one computer (the web server) to another (your web browser) over the Internet, is secure or encrypted and private. In order for a website’s data to be available via HTTPS, something called an “SSL certificate” which is provided by a 3rd party company called a Certificate Authority, needs to be purchased and installed on your web server. This certificate is used as a form of ID, for you to check and prove the website you are visiting is the real website you were expecting to visit, and not a fake one set up by hackers.
...
Your website’s security has not changed recently, but the messages about security being displayed in your web browser has. Specifically, Google Chrome and Mozilla Firefox are both is reporting “not secure” messages on any non-HTTPS page, whilst Mozilla Firefox reports the message on a HTTP page where a “password” field exists. This may be your home page if you have a login bar, a separate login page or your registration page.
Additionally, this message will be displayed on all HTTP pages where Credit Card information is entered, although this is not relevant as your Straightsell website Credit Card entry page is already served via HTTPS, and is secure, encrypted and private.
...
- https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
- https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html
- https://blog.chromium.org/2018/02/a-secure-web-is-here-to-stay.html
Mozilla Firefox®:
...
We are aware of these changes and are investigating what is involved in being now able to offer our customers full site HTTPS, to be able to which will serve every page of your website securely with encryption, and plan to have this in place by October 2017.Whilst we work on this, we have come up with an optional interim solution that reduces the “not secure” messaging from being displayed on your website . This involves creating new login and registration pages that are served via HTTPS, securely with encryption. You can see an example of this on the Standard ‘Responsive Web Design’ eCommerce demonstration websites, available from our website here, http://www.straightsell.com.au/site/pages/standard-design-eCommerce-website.php. Test it out by loading any of the websites in the Chrome or the Firefox browser and viewing the login and register pages, noting they are shown to be secure, encrypted and private.
If you would like more information on having the optional interim solution full site HTTPS put in place on your current website, please log a service request in the Straightsell Help Centre and we will be in touch.