There are two options to make your website always secure. Both options use the .htaccess file to redirect visitors to HTTPS (secure), since websites send visitors to HTTP (non-secure) by default.

Note: For WordPress websites, in WordPress Settings -> General, the “WordPress Address (URL)” and “Site Address (URL)” fields need to be changed from http to https (see example screenshot below).

Deadline: Google Chrome has announced the following change to how Chrome handles HTTP (non-secure) websites:

For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as "not secure". Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as "not secure".

Developers have been transitioning their sites to HTTPS and making the web safer for everyone. Progress last year was incredible, and it’s continued since then:

• Over 68% of Chrome traffic on both Android and Windows is now protected
• Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
• 81 of the top 100 sites on the web use HTTPS by default

To learn more about the Google Chrome Web browser change, visit:

https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html

Please let us know if you have any questions or need further help.