As the internet has evolved so has its needs. In the past, only forms and sections of a website that transmitted highly sensitive information, such as a checkout page that collected a user’s credit card, was protected by an SSL certificate. Today there is a transition happening, which includes shifting your website from HTTP to HTTPS. There are 3 main reasons to make the switch.
Google now says HTTPS plays a factor in its ranking. Being an agency, we know how hard we and our clients fight for every advantage we can to get a higher ranking. When Google says something plays a factor in your ranking, it’s important to listen. Why would Google do this? Looking through the good intentions set of glasses for Google, they want a safe experience for their users. This brings us to our next point.
HTTPS encrypts all communication, including URLs, which protects things like browsing history and credit card numbers. With HTTP, information is transmitted in plain text which makes it easier for traffic sniffing (eavesdropping) and man-in-the-middle attacks. If a company has a shopping cart and only the checkout pages are utilizing HTTPS, a hacker could attack an insecure page (HTTP) and redirect an “add to cart” button, for example, to go to a 3rd party site to steal sensitive information. Having entire HTTPS site can protect against these types of attacks. It’s important to note that it won’t make a website safe from all attacks. No single method can, but it can greatly increase the security of a website.
Web browsers will start to mark HTTP websites as insecure. Today, an HTTPS page will include a green bar or padlock in the address bar. Google and Firefox have both stated that they will mark HTTP sites as first dubious and then insecure. The reason is that HTTP connections are insecure since there is no encryption taking place. By remaining on HTTP, your website could convey to your users that it’s insecure and drive away visitors.
How do I switch my website to HTTPS?
There are a few steps involved, but the first one is to get an SSL certificate if you don’t already have one. You can buy an SSL certificate from as low as $10/yr. up to around $60/yr. on average. There are even a few free SSL services out there, but we recommend buying your own, especially if you are using your website for business purposes. After, purchasing your SSL Certificate and getting it configured with your web host, you will want to redirect users from HTTP to HTTPS. There are proper steps to take to make sure you don’t cause broken links or disrupt your search rankings, but your website can make the switch in a short period of time.