You probably received an email from Google announcing that starting in October of 2017, sites that cannot be accessed via HTTPS will be flagged in Chrome as not secure. This is part of Google's push to make the entire Internet secure. To answer this call, Yahoo is working hard on making HTTPS available to all stores and it should be available shortly; definitely well before the deadline set by Google. In some cases, stores will simply be able to flip a switch and make their site secure (conforming). However, other stores, most notably highly customized ones will need extra effort making sure they are ready for the switch.
Also, forms used anywhere in the site (search, newsletter signup, etc.) all need to point to secure locations otherwise they will be flagged as non-secure. A notable example is the built in store search. If you are using the legacy yahoo store search you will have to upgrade to the newer version.
Finally, any third party scripts or tools your site might make use of, which are not secure, will have to be secured as well, but for those you'll most likely have to contact the vendor whose code it is. We will point those out to you if we find them in your store.
What if your site is switched to HTTPS but it is not entirely secure?
If - when it becomes available - you switch your site over to HTTPS but not all parts of the site are secure, visitors to the site will still see a note informing them that the site is not secure. They may, and often will, also receive popups warning them of insecure content and asking if they want to continue - a sure way to turn the vast majority of visitors away.What parts of the site can potentially be non-secure?
Once the switch is available, the main pages of the store will be secure. However, assets used inside the page also need to be secure. The product images - and indeed all images you upload into the editor will be taken care of. Other files linked from the "Files" area of the store editor will probably be secure, but that depends on how such files are linked into your site. If they use hard-coded non-secure (http:) links, then they will NOT be secure. Images used inside otherwise secure CSS and JS files may or may not be secure, again, depending on how those are referenced from within those files.Also, forms used anywhere in the site (search, newsletter signup, etc.) all need to point to secure locations otherwise they will be flagged as non-secure. A notable example is the built in store search. If you are using the legacy yahoo store search you will have to upgrade to the newer version.
Finally, any third party scripts or tools your site might make use of, which are not secure, will have to be secured as well, but for those you'll most likely have to contact the vendor whose code it is. We will point those out to you if we find them in your store.
Comments