eBay non-secure content in listings needs fixing now
eBay have reminded users that the eBay non-secure content policy requiring you to remove images from your listings needs to be heeded. The reason for this is not eBay trying to be awkward but due to a change by Google in their Chrome browser and Firefox where they flag sites which are supposed to be HTTPS but in reality still display HTTP content.
Normally when shopping on eBay you would expect to see a green padlock in the browser bar which if you click on confirms that the site is secure and you’re on the genuine eBay site. However if a seller has included non-secure content then the green padlock turns grey on the view item page and the user is warned that their connection to eBay is not secure. This isn’t going to make buyers love eBay and trust the site which is why it’s imperative that eBay take action.
What is eBay non-secure content?
The most likely cause of non-secure content in your eBay listings will be if you host images on your own server. You may already have access to an SSL server enabling you to display HTTPS content, in which case it’s a relatively simple (but tedious) process of adding a link to your listings URLs to change them from HTTP:// to HTTPS://. If your host doesn’t offer a secure server then unfortunately you’ll either need to upgrade your hosting, change your hosting, or remove images from your listing descriptions.
eBay non-secure content may also be the result of using CCS or HTML5 in your listings which will be more troublesome to address but will still need to be done.
eBay non-secure content alerts and forced compliance
If your listings contained non-secure content as of the 13th of November then eBay will start to notify you that you need to edit your listings. Emails will be sent to sellers between the 24th of November and the 8th of December so keep a look out for any alerts.
From February 2018 any eBay non-secure content listings will start to display a short snippet of the item description. Full item descriptions will be one click away to keep eBay secure and make sure your listings don’t display a browser security warning to buyers. This is obviously a non-optimal buying experience and easily avoided if you fix your listing content ahead of time.
Check you listings for eBay non-secure content
eBay have provided a tool which should flag any of your current listings which need editing to remove non-secure content.
It is all well and good, all of us running around and changing all of our listings when ebay’s own item revision pages aren’t even secure!
Maybe they should get their own house in order before pushing the requirements out to everyone else!
Agreed. It would be good if we could print off the dispatch notes from the secure page too, but we can’t, like many others over on the forums.
All a bit shrill, isn’t it? In most browser experiences, I’m prepared to bet that most buyers won’t even notice the difference. We can’t really know if there’s any conversion variation yet as there’s hardly been long enough to test it out.
And yet we have these calls to make emergency changes to make, deadlines, threats. Ugh. Chill out.
The tool to show which items are insecure is good. Great we’ve got that. Finally. It’s hard to find, though. Not linked from Seller Hub, not available on the active listings tab. Not a search option. Not in fact to be found at all apart from in Tamebay articles and emails. Secret squirrel.
And the button that says “fix this”. Convert http to https in the listing content. Where is that? Won’t work for all issues, but many of them that will be the solution, together with ensuring the webserver has the certificate and it’s all done.
At least the sanction is to mess around with the listing rather than to actually take it down and throw the seller off eBay. This is a step forward! Well done eBay in starting to take some of the strain with these changes. Much much more to do here, however.
People will still get the Connection is not Secure message/padlock/warning if they venture into ebay messages 🙁 You can’t pin that one on the ebay sellers!
And they might be even more put off by the occasional page hijack, again caused by ebay being slack. In this case, they fail to police the adverts that appear on the top of their pages, easily allowing entry to the dodgy pop-up brigade.
Why would that matter?
eBay are concerned about their sales and products not being displayed on Google search, messages and and product revision pages don’t need advertisement do they?
Lots of people are overly paranoid about using the internet generally and ebay in particular.
Green padlock throughout the whole ebay process, not just on view item pages, will help make buyers feeling safe using eBay. But it isn’t constantly there as things stand. Go into my messages for example and it’s gone. Instead, depending on what you use, “Connection Is Not Secure” appears. That could worry some people.
The page hijacks from scripts in bad adverts that ebay has failed to weed out will also make some people think, hang on a minute, I don’t like this, I’m off to Amazon.
That’s lost buyers and lost business, hence it mattering.
All ebay shops link from this URL, all shop homepages are insecure.
You are right when we are logged into ebay we have the unsecure icon at the top.
It says that the site could be hacked and not to enter any personal information.
What on earth is going on
All my “insecure” warnings from eBay have been caused by their “Powered by Turbolister” icon, which eBay itself put on all my listings from the Turbolister era. If eBay put it on, can’t eBay take it off again, instead of sending me threatening messages?
Are ebay suggesting that until we amend the listings our ebay log in’s are not secure ?
@Janine – No that’s not how it works, everything that needs to be secure is secure i.e. the log in and checkout stages.
The necessity to have your listing pages secure is very important in terms of customer perception and sales.
Whilst there is no real need for an item description to be secure as there is no sensitive information being passed, majority of joe public doesn’t know that and would understandably be put off and most likely choose not to purchase from you when the major browsers are flagging up security messages at them.
There seems to be endless debates about this. Lets be honest, ebay have been giving us fore-warning about this for months (if not years). It just needs fixed.