Google Chrome and Firefox and blacklisting Non-HTTP website which asks for Login Credentials, Understand to Shift to HTTPS shield against browser challenges.
"Impact of front-end architecture on development cost", Viktor Turskyi
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
1. Shift to HTTPS and Save Your Website
from the Wrath of Blacklisting
2. Shift to HTTPS and Save Your Website
from the Wrath of Blacklisting
3. Abstract
1. Understanding ‘Blacklisting’
2. Recent Developments
3. Why Blacklisting?
4. Avoid blacklisting by embracing HTTPS
5. What is an SSL certificate? What does it do?
6. Benefits of SSL Certificate Installation
7. Final Verdict
4. A recent report suggests Google is blacklisting non-HTTPS sites asking for login credentials.
6. ▪ Being the top search engine in the world places some serious accountability on Google’s
shoulders. It means constant development and optimization of modern technologies, tools,
and techniques to keep cyber attackers at bay.
▪ Blacklisting demonstrates one of the best examples of it.
▪ Fundamentally, Blacklisting is a defense mechanism used to prevent web surfers from
visiting a potentially dangerous webpage/website.
▪ Safe Browsing, a tool developed by Google does this job. Safe Browsing scans millions of
websites and identifies possibly dangerous ones. Then Google raises a red flag by displaying
‘The site ahead contains harmful programs.’ This is shown in the image below:
7. As a part of this blacklisting process, Google eliminates such website from its search engine index
itself, thus making it impossible to access it directly from the search engine. More than anything, the
traffic of the website is impacted the greatest. It is estimated that a blacklisted website loses around
95% of its organic traffic.
9. Recent Developments
▪ Until recently, these security warnings were limited to sites containing mischievous
programs.
▪ Not anymore. Going by the report published by security firm Sucuri, Google has
started flagging non-HTTPS websites that ask for usernames and passwords.
▪ This move is enforced in order to protect the credentials being sent by the client to
the server.
▪ This move is a positive step taken in Google’s long-standing goal of enabling HTTPS all
over the internet.
10. • Google is not alone in this quest. Mozilla made an identical announcement for its
browser Firefox.
• Under which, Firefox will display a gray lock with a red slash for the non-HTTPS sites
containing password field as shown in the image below:
12. Blacklisting?
Web-browsing is an Achilles’ Heel as far as the security of users is concerned.
It is an easy target for online fraudsters to trick users using deceiving files and
links. This is where Blacklisting enters the scene. On seeing warnings raising
concerns over the safety of a website, the user is bound to think twice before
visiting the site.
14. ▪ Google’s love for HTTPS is not a secret to
anyone. Since the mission “HTTPS
Everywhere” was announced, slowly but
steadily Google started putting restrictions
on non-HTTPS websites. The blacklisting of
non-HTTPS websites is another stepping
stone in the tech giant’s great vision.
How to Avoid blacklisting
by embracing HTTPS?
▪ The report published by Sucuri last week
gives some wonderful insights into the
recent developments implemented by
Google. They reported a rise in the number
of blacklisted sites for no reason. The
blacklisted sites were “clean” in their terms.
They reported some of the blacklist review
requests were cleared “only after SSL was
enabled.” As mentioned, SSL certificate
installation is required to get HTTPS
protocol enabled on your website.
15. What is an SSL
certificate?
What does it
do?
5
16. What is an SSL certificate?
What does it do?
▪ In Layman’s terms, an SSL
certificate is a modern, digital
form of an envelope seal. With a
countless number of users
sharing their delicate, confidential
information on websites, there is
a need to protect such data from
coming into the hands of cyber
criminals. This is what SSL
certificates are intended to fix
and that is exactly what they do.
▪ On an SSL-enabled website,
every tiny bit of data shared by
users is transformed into an
undecipherable strand of
numbers, alphabets, and special
characters. This conversion from
an original format to unreadable
from is referred as Encryption.
▪ In the wake of this
conversion, it is an effectively
unthinkable task for any
cyber attacker to decipher,
read, and tamper the
information. As a result of
SSL installation, trust
indicators such as padlock
and green address bar are
enabled on the website.
18. Benefits of SSL Certificate
Installation ▪ Without a shadow of a doubt,
the central idea behind the
SSL installation is the
protection of your site’s
visitors’ data. However, this is
just the tip of the iceberg. The
adoption of HTTPS offers
numerous improvements over
HTTP.
19. 1. Google Ranking
▪ In 2014 Google declared to give
advantage to HTTPS enabled
websites in terms of search engine
rankings
20. 2. Malware Scanning & Vulnerability Assessment
▪ Some of the SSL certificate brands offer tools such as malware scanning and
vulnerability assessment. These tools can be of immense help to prevent your site
from being infected by viruses and malware
21. 3. Customer Trust
▪ As far as the customer trust is concerned, the trust signs prove to be a key factor
22. 4. Boost up Business Conversation
▪ For business sites, with improved trust from customers, there are fewer abandoned carts,
which increases order conversion percentage
24. Final Verdict
7 ▪ Whether you agree or not, SSL is the way
forward. The only question is–whether you want
to be a part of this wonderful change and reap
the fruits now or you want to regret not doing it
sooner.