HTTPS Is Now The Rule

With fraudulent Internet activity on the rise, many business owners are taking a good look at their website’s security. Should you run your website securely under HTTPS, which offers an additional layer of security, or should you stick with the standard HTTP web transfer protocol?

These days, we highly recommend that all websites run under HTTPS, even if they are simple and do not collect private information or process financial transactions. HTTPS is quickly becoming the standard, so you might as well get ahead of the game and migrate if you haven’t already. Looking at the recent Google notices, we are quite certain HTTPS will be the norm before we know it.

What is HTTPS and Why Do You Need It?

HTTPS is a secure version of the HTTP protocol used to access websites and transfer information on the Internet. It creates a secure connection and encrypts the data sent between a user’s browser and your website. Encryption protects the confidentiality of digital data transmitted on the web and ensures information in transit is protected from attackers. HTTPS also tells your browser to display an icon to your website visitors, indicating the site is secure. This typically appears as a green padlock in front of the web address.

HTTPS secures and encrypts your private information.

• Passwords
• Personal Information
• Payment or Financial Data

No Reason to Wait

It’s not expensive. SSL certificate prices are down and are also discounted for longer-term certificates. There are even free alternatives available.

It’s not difficult to set up. There are many steps involved, but a qualified developer will know exactly what to do.

It does not slow site performance. Some people think running HTTPS will slow down a website. With advancements in certificate technology (SSL being succeeded by TLS), this couldn’t be further from the truth. In fact, HTTP vs HTTPS tests show sites load faster over HTTPS.

Ancillary Benefits

Running your site over HTTPS has benefits beyond just encrypting and securing website data.

• It establishes trust and tells your site visitors that you are serious about security and protecting their personal information
• HTTPS helps ensure the Internet is a more secure place overall
• Google has confirmed that it is using HTTPS as a ranking signal
• Over time, Google may decide to place more emphasis on HTTPS because “we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web” – Google

So, with all these benefits, you should plan to migrate to HTTPS now.

Google’s Warning – Full HTTPS and Mixed-Content

In August 2017, Google sent notifications to site owners via Search Console regarding HTTPS. Google will begin marking non-HTTPS pages that contain text input fields, for example, contact forms and search bars, as “NOT SECURE” in Chrome 62 starting in October 2017. Google and other large web services want sites to execute fully under HTTPS. In other words, you are being encouraged to run ALL of your pages and content, not just some of it, over HTTPS. If you choose not to, browsers will alert your users.

Some browsers, including Chrome, are beginning to “warn” users that they may be at risk and to display a site as grayed out in the browser bar if it is not fully secure. Secure sites will display a green padlock next to your web address.

So alarms are about to go off if your site isn’t HTTPS, and it could impact your ranking on Google!

Contact us if you have questions about moving your site to HTTPS.

Further Reading and Resources

• How to install SSL certificates