Following the path of Google Chrome, Apple makes its mobile Safari on iOS 12.2 and up to show and give “Not secure” tag on websites that is still using “http” instead of “https”.
HTTP vs HTTPS
In case anyone here wondering what’s the difference between website using “http” compared to website that is using “https” (eg: http://jilaxzone.com vs https://jilaxzone.com):
“http” is short for HyperText Transfer Protocol, while “https” is short for HyperText Transfer Protocol Secure. Notice the additional “Secure” behind.
Websites that use “https” instead of “http”, the communication happens between the server and the browser – your browser – are encrypted – this is happening when you are opening the website and/or perform interaction within the website, such as clicking menus and login.
Showing “Not Secure” is a Good moves but devastating to website owner
For end users, browser showing “Not secure” when opening websites that are still using “http” instead of “https” is considered a good move as we – as end users – can quickly know whether certain websites we are visiting are secured or not.
However at the same time, the move of giving tag “Not secure” can be misleading to some which end up pretty devastating and bad for website owners who haven’t moved and used the https protocol.
For casual users who do casual browsing, they may end-up feel afraid to browse pages on any “Not secure” websites when they see the “Not secure” wording next to the website address. They may straight away close the pages/websites. The impact will be on website owners, like me, seeing a drop on website visitors.
This blog – jilaxzone.com, for the record and at the time this article is written, is still using “http” and not “https”, thus opening any pages on this website, you should see “Not Secure” on your Safari address bar if you are on iOS 12.2 or up, or if you are using browser like Google Chrome.
Not all websites require “https”. For some, “http” is good enough.
Take for example, this blog – jilaxzone.com, so far the it doesn’t store any users login and password. This blog also doesn’t sell anything that requires credit card, pin or such to be stored or passed over. Basically no sensitive information are being transmitted from/to your end.
So for this case, “http” is actually more than enough. There’s really no need for “https”. There’s also plenty of other similar websites that does similar things to this blog – they don’t transmit/ask for sensitive details, “http” is more than good enough.
Website Owners should convert website to HTTPS
To get rid of “Not secure” tagging on the browser’s website address, the website has to be converted from “http” to “https”. And that involves buying an SSL certificate and quite a lot of configuration here and there.
For many of website owners like me, buying an SSL certificate shouldn’t be a big deal – SSL certificate costs money and has to be renewed yearly, but configuring the website and the process of converting it to “https” is the one that makes most of us – at least me – to postpone and keep the plan in view.
However, since now Apple has done the same like what Google did – showing “Not secure” tag on any “http” only website, and considering Apple iOS market share that is huge – there are millions to billions active iOS users out there, plus likely all other browsers shall follow the same path – since that is the direction, I would encourage myself and other website owners to convert the websites to use “https”.
For Life, Tech tips, iOS and Android Apps and Games quick review, do visit below:
Hi, thanks for reading my article. Since you are here and if you find this article is good and helping you in anyway, help me to spread the words by sharing this article to your family, friends, acquaintances so the benefits do not just stop at you, they will also get the same goodness and benefit from it.