Chrome Security Warnings (Sites): The Move Toward A Safer Web
Google first rolled out the security warnings feature for Chrome back in October 2017. Basically, the browser alerted visitors if they were about to share their information through an unsecured connection, particularly for pages with internal search boxes and forms. Nearly a year after, the team enabled the notification for the entire website.
What’s It For
The company has always been clear about its vision of secure web and how all users deserve a safe online experience. The first security warnings update involving forms laid the groundwork for this improvement, which alerted searchers about the risks of connecting to an unsecured page.
Chrome 68 ensures that users can search and browse in peace because their data is safe from prying eyes. The benefit of the alert is two-fold: it helps non-tech savvy searchers understand that they’re entering an unsecured page and encourages webmasters to boost the defenses of their website.
What Were Its Effects
Because of its popularity, Google was able to influence the majority of websites to use HTTPS as a default connection. The team had been working on this vision for about two years, and it has yielded significant results.
At the time when the update rolled out, Google reported that protection for Chrome traffic from Android phones rose from 42 percent to 75 percent while security increased from 67 percent to 85 percent for ChromeOS users. Moreover, the number of top sites that set HTTPs as the default connection was up from 37 to 83.
Chrome has since evolved to incorporate more features with the convenience and security of users in mind. The latest version, Chrome 76, was released last April 2019 for Windows, macOS, and Android devices.
What It Means for You
The web is a vast place where you can find information on anything under the sun. While this is definitely a far cry from when humans had to learn new things by passing knowledge through personal interactions, the convenience and anonymity can have its disadvantages such as emboldening those with evil intentions in deceiving or duping others.
Chrome’s default setting includes the automatic detection of sites that are risks for phishing and malware. These are the alerts that you’ll see when you come across this type of pages:
- Contains Malware – With this warning, the browser gives you a heads up about the risk of automatic installation of malware on your computer. Malware can be used by hackers to gain unlawful access to personal files stored in your smartphone or laptop.
- Deceptive Site – Meanwhile, a fraudulent site warning alerts you of the potential of phishing, which is a practice that tricks users into giving out their personal information by posing as a credible entity.
- Contains Harmful Programs – It’s a bit similar to the first alert since it still talks about malware. However, it doesn’t download the programs automatically. Instead, users are tricked into installing the apps, which opens up the gateways and allow them to access your data.
- Suspicious Scripts – This warning lets you know that the site you’re trying to open is attempting to load dubious scripts from unauthenticated sources.
As a webmaster, you may find that your site is marked with the “Not Secure” flag on Chrome. You can quickly request Google to review your page or website and remove the tag to prove that your site is trustworthy.
Here are the steps on how to request for a Google Chrome review on your page:
- Prepare for the Review Before you can ask for Google to review your website, you should ensure that you’ve verified your ownership of a domain in Search Console. Next, you must scrub your page of any vandalism left by the hacker or elements that may be deemed as deceptive or harmful to the users. Lastly, you need to make sure that your clean site is back online for Chrome to reevaluate its safety.
- Go Through Your Pages Again It’s always better to double-check each part of your website and watch out for any vulnerability that you may have missed the last time you went through them. You can use Wget or cURL to look at the entirety of your site.
- Request the Review Any technical issue that may have caused your website to be flagged as “Not Secure” must be fixed before pushing through with the review. There are different tools you can use for the reassessment based on the type of problem you have, whether it’s a hacked site, malware, or phishing.