Google Penalizing HTTP Websites as “not secure”

Beginning in October, the Google Chrome browser will begin informing your clients their data is “not secure” on any pages that have forms or login fields. This is part of Google’s long-term plan to mark all websites that still use the old HTTP protocol as “not secure.”

HTTP means HyperText Transfer Protocol. It is the protocol (or rules) used by the Internet to define how text and images are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when you type in


You are telling your browser to use the HTTP protocol to go to the Internet (a.k.a. World Wide Web, or www), find the page titled, and display both the text and images on that page on your computer screen.

Why the change?

HTTP has become so ubiquitous that no one even bothers to type it any more. Every browser assumes you mean HTTP, so they just put add it for you.

However, in addition to HTTP there is a second, less well-known protocol called Hypertext Transfer Protocol Secure. HTTPS is a variant of HTTP that adds a layer of security from the time you type something in your browser and a new page is displayed.

When you use HTTP, everything you type into a browser is send over the Internet in plain text available for anyone who has the right software to see. When you use HTTPS, everything you type is hidden online. This is why all banks use HTTPS when you use online banking.

What does this mean for me?

For photographers, the 2 places this will have an immediate impact is on 1.) contact pages and 2.) online customer proofing. Clients will be much less likely to contact you from your website if they see “not secure” or a warning message about security on a page.

How can I fix this?

It will be tempting for most photographers to simply ignore the problem. However, in the short term the proactive solution is to review every page that asks for some type of customer input.

For example, if you have a contact page with a contact form, you may have to upgrade your website from HTTP to HTTPS. This is especially true if you have a custom-made or WordPress website. Unless you are very technical, you will probably want to hire a contractor to make this change for you. While you could simply remove the contact form, it will lower the number of potential clients who contact you via email.

If you have an online proofing service, check with their support team to see if they have already upgraded to HTTPS. It may be as simple as changing the links to proof jobs on your website from HTTP to HTTPS in your website’s menu.

The good news is that if you have a cloud-based photography website like Smugmug or Zenfolio, all the work is already done for you. These sites are already upgrading their websites to use the HTTPS protocol.

What happens if I wait?

Like not having a mobile website, over time Google will penalize you if your entire website is not HTTPS. You may not notice it this month or next month, but over time it will decrease your SEO and lower the chances potential clients will be able to find you online.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *