It's HTTPS or Bust: How to Secure Your Website
Come July 2018, with the release of Chrome 68, any site not protected with Secure-Socket Layer/Transport Layer Security (SSL/TLS) will be marked with the red-triangle of an insecure site. Unless you secure your site, you can kiss your web traffic goodbye.
To secure your website, you must install an X.509 Digital Certificate, generically called an SSL certificate, on your server. A trusted third party, called a Certificate Authority (CA), guarantees the Digital Certificate's authenticity with a Digital Signature, so your visitors can be sure they are where they thought they were going.
There are many CAs. Some of the best commercial ones are Network Solutions, Entrust, and Symantec. Prices for certificates from a major provider range from $50 to $500. You can also get a free certificate -- that's every bit of good for most purposes -- from the non-profit Internet Security Research Group (ISRG)'s Let's Encrypt.
Read more at ZDNet