Do you need HTTPS on non-ecommerce websites?


HTTPS (Hyper Text Transfer Protocol Secure) has always been deployed on e-Commerce website as soon as the customer goes to the lower funnel in the checkout process. Primarily, the role of HTTPS was to protect credit card and other prominent personal information transmitting via a form by encrypting in the e-Commerce environment. Yes, that made perfect sense to secure your sensitive personal data from the prying eyes. HTTPS is also a factor on SEO for higher rankings.

HTTPS and Non E-commerce Websites

On non-ecommerce websites, forms are used to transmit personal data (such as name, address, phone numbers etc) however there is no credit card involved so the need to have a secure protocol of HTTPS has been optional so far. Yes, it’s a good practice to maintain HTTPS however, it has NOT  been a requirement. Until October 2017!

What is happening on HTTPS on October 2017?

Starting October 2017, Google on Chrome (v. 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.

Any text input fields (such as < input type=”text” > or < input type=”email” >) will trigger the new Chrome warning.  Google is forcing all webmasters to use SSL wherever every form is involved so the users’ data is protected.

Chrome HTTPS security warning starting from October 2017



Solution: Migrate to HTTPS and Immediate Headaches for Small Businesses

Clearly, to avoid the warning on Chrome, now migration to HTTPS is a MUST. This is going to be a major issue for all small to medium websites. Beyond October 2017,  if you have any form on your website including Contact Us form, you need to have HTTPS. Here are some factors to ponder upon:

  • Cost: SSL cost range from $69 and upwards. This is an annual overhead cost.
  • Technical Application of SSL: Purchasing, and applying SSL certificate is a technical task. Not all small business owners may be able to handle this on their own. While moving to Secure HyperText Transfer Protocol, this HTTPS migration list needs to be reviewed?
  • Complexity of migration: Once the SSL is applied. you’ve to make sure all websites are now only in HTTPS. If you’ve both HTTP and HTTPS versions with 200 OK, then you would have these issues which will hurt your existing SEO.
  • URLs, Re-directions, and data integrity: Finally, the impact of HTTPS on GA data needs to be analyzed after all marketing URLs need to be updated to HTTPS version. This may cause a lot of redirection issues as well as this GA data issue.

Once a website is fully on HTTPS, it’s all good however until that happens this new HTTPS move will force many businesses to invest time and money into migrating from HTTP to HTTPS. Security has price!



About Ujjwal Bhattarai

Ujjwal is an engineer by education, a programmer by hobby, and an internet marketer by choice. Other than 1 minute chess, and biking, his passion includes SEO, SEM/PPC, CRO, and Web Development. As a lifelong student of Internet Development, he is hopelessly addicted to Internet, and sincerely believes after fire, wheel, and decimal point, internet is the fourth most important invention in the human history. Catch up with him on Twitter at @uj2wal or at his Google+ .

Leave a Reply

71,628 Spam Comments Blocked so far by Spam Free Wordpress

HTML tags are not allowed.