Have you seen one of these pop up when you click a link to visit a website?
I sure have.
And the latest Google Chrome 79 update comes down even harder on these unsecured sites, called “mixed content.” More on that in a second.
Here’s the TL;DR: If your site is still hosted only on http:// (not https://) or links to http:// sites in hyperlinks, read on. Google recommends taking steps “immediately” to avoid broken links and ravaged user experiences. These extreme steps are starting in February 2020.
Google Chrome 79 dropped; the internet responds
Hot news, hot news.
Not this week, but last October. But we’re just starting to feel the effects as seriously implemented in the update Google pushed just last month, in December 2019.
Not that exciting to you? Not exactly the same effect as a new Rihanna or Kendrick Lamar album dropping, is it?
Well, you best read on and rethink.
What is mixed content?
As a digital marketer, content marketer, leader in marketing as a digital agency…you should care. Chrome 79 has impacts that are extremely important and far-reaching, namely for content and domains that are still on http:// instead of https://, but also those entities linking to http:// sites in their own content.
Well, that last point about includes most of us.
In short: Google products are beginning to depreciate mixed content (anything requiring http:// to load), now imposing physical limits of visiting those sites, throwing a huge snag in the UX to sites lagging to get their domains secured. While it isn’t directly impacting search engines *yet*, this move is considered by many experts to be directionally where Google is headed in the nearer-term.
Google cares a lot about keeping people safe and ensuring that clicks from their search engines results will result in content that a) both serves their search intent, but also importantly b) is secure and safe for the searcher.
Which brings us to mixed content.
Sure, it doesn’t *prevent* you from visiting that site, but it may as well. Dropoffs after these messages are displayed are a death sentence for *any* piece of content.
It may not apply to your domain directly, but if you link to any sites in any of your content that are still at http:// only, your users receive similar messages to these to links that you’re associating with by hyperlinking them.
From Google with the Google 79 launch,
HTTPS pages commonly suffer from a problem called mixed content, where subresources on the page are loaded insecurely over http://. Browsers block many types of mixed content by default, like scripts and iframes, but images, audio, and video are still allowed to load, which threatens users’ privacy and security. For example, an attacker could tamper with a mixed image of a stock chart to mislead investors, or inject a tracking cookie into a mixed resource load.
Okay, but Google rolls out updates like this all the time. How is this different?
While as with most software rollouts with Google, it’s unclear how much we can assign to the algorithms behind closed doors, but with this, it’s clear that Google has begun a depreciation of http:// pages, i.e. mixed content, in favor of its more secure https:// counterparts.
Google has stated that by Chrome 81, rolling out starting in February 2020, it will begin BLOCKING mixed content, not just displaying these warnings.
Chrome is a big browser now, but Google will likely rollout these sorts of behaviors/favorings of secured sites to other browsers for their search engine as a result.
Boom, internet at large impacted.
What can you do?
Check your site for mixed content. Migrate that mixed content to https:// , in the words of Google, “immediately to avoid warnings and breakage.” More technical info and resources here.