Google to Further Penalize Websites Lacking SSL in 2017

By Kimberly Lipari, on September 27, 2016 — 2 minute read

Here’s the skinny…

SSL is a way of encrypting websites to make them safer and less hackable. Google is already penalizing sites that DON’T have this in place. Things are about to get a whole lot worse for pages with logins and credit card forms come January 2017.

All WordPress sites have a login page, and thus, every WordPress site will need an SSL cert to meet this criteria.

Secure sites are identified by two things: https:// in your browser bar and, at times, a symbol or color denoting the status. Take ours for example. We’ve got full SSL in place on our website:

browser bar

Is there a catch? Well, kinda…

Even if you’re using SSL you could still be penalized.

Your site has to be FULLY encrypted. That means those that are using mixed content security, forcing https:// on some pages and not others, will also get you into trouble.

Here is an example of a mixed content site that uses SSL on some content and not others. You’ll notice a lowercase ‘i’ here in a circle to denote more info. Some browsers use an exclamation point. If you click that you’ll see a note like this indicating the non-secure connection:


browser bar 2


Not so bad? Well here is what Google will start doing as first measures in 2017:

browser not secure

Currently this change is restricted to Chrome, however, we’re going to see many browsers following suit. Google even gives raking boosts to sites that use HTTPS and has been doing so for some time now!

Even if you’re not using Chrome yourself you can’t afford to ignore this change. Windows remains a major player in the professional office space. The same can’t be said for its default browser Internet Explorer. In May of 2016 Chrome surpassed Internet Explorer to become the most used browser of desktop users with 41.3% of tracked traffic. This means that you’re turning off a huge portion of site visitors by not getting on board with the change.

You can get the details on the Google announcement here as well as a few more visuals on the proposed immediate changes. Long term we could be looking at something like the current the big red screen warning for those not in compliance:


So what do you do about it?

First, don’t panic. SSLs aren’t beginner territory, but they can be conquered with a little guidance and help. There are some free SSLs out there. In fact your host may even offer one and there are plenty of paid options. Not all SSLs are the same so you’ll have to be very deliberate in selecting one that is best for your content. The important thing is that you do indeed get one. The announcement does not state it will favor one type over the other.

We’re talking to our clients about this and felt it was important to let you know as well.

If you want to talk to someone about getting help to determine your options for SSL and getting your site 100% encrypted then drop us a line at

8 Responses to “Google to Further Penalize Websites Lacking SSL in 2017”

May 04, 2017 at 12:25 pm, What Should You Do If Your Search Rankings Just Won’t Go Up? | PAGE ONE said:

[…] reported that Google is going to roll out even more penalties to unencrypted […]


August 16, 2017 at 12:35 pm, Q3.1 & Q3.2 Release Notes (7/21/17 | 8/09/17) – said:

[…] emails, etc.), encryption is still a crucial improvement for the platform, for two reasons: First, search engines like Google have begun to penalize sites that do not provide an encrypted connection …; moving to HTTPS helps ensure that Google treats LawHelp sites as high-quality search results. […]


October 26, 2017 at 8:41 am, How to Install Free SSL on Your WordPress Website said:

[…] now it’s become commonplace to have them and Google will penalize non-secure sites. You’ll also get a boost in your rankings on Google by having […]


December 06, 2017 at 2:53 pm, How to Start a Blog on Wordpress - an Easy Step by Step Guide said:

[…] what type of website you run and it’s now known that sites without an SSL certificate will be penalised in search results. So, it’s a pretty big […]


November 13, 2019 at 1:10 am, How to setup Let's Encrypt on NearlyFreeSpeech.Net - Véronique Bellamy said:

[…] knowing that you’re contributing to a web that is more secure. I know that for most people, this is just a way to avoid getting dinged by the almighty algorithm. However, we all have a duty to contribute to the security of the Internet. I’d recommend […]


November 18, 2019 at 4:26 pm, Google Chrome to put your website speed on display - Valet said:

[…] 2017 Google said it was going to penalize sites without security certificates. Then in 2018 Google announced that it would be taking mobile page […]


December 06, 2019 at 4:44 pm, All HTTP Sites to be Labeled "Not Secure" by Google - Loud Canvas said:

[…] Click here to read more about Google’s new HTTPS policy in greater detail. […]


Leave a Reply

Your email address will not be published. Required fields are marked *