Google announced in 2014 that all websites should be using HTTPS to create a more secure internet. There are a number of issues with communication over the internet and HTTPS addresses this.
The Big3 Reasons:
- Data Integrity
In January 2017 Google began displaying the security of the connection in the address bar of Chrome version 56 and on any pages that display a password and/or a credit card field.
It’s now October 2017 and Google’s warning from the spring regarding any website that has any kind of text input will require SSL certificate to avoid the Not Secure warning in the address bar has come to fruition.
Google has always encouraged website owners to implement SSL certificates and even rewarded Websites using SSL with a ranking boost. This was a confirmed ranking signal in 2014, but now it seems Google is blacklisting non-HTTPS websites that allow password and/or a credit card fields to be filled.
Does This Affect Your Website?
- Does your website include any type of contact form, login panel, search bar or any text input fields?
- Is your site using HTTP rather than HTTPS in the address bar?
If your answers are yes, you need to get SSL on your site.
What HTTPS means?
HTTPS (Hypertext Transfer Protocol Secure) safeguards the communication between a website (web server) and your internet browser by encrypting all the transmitted data. This prevents eavesdropping and tampering with data, allowing for a safe and secure transfer of credit card, banking or personal information.
Then What is SSL?
SSL (Secure Socket Layer) is the cryptographic protocols that help encrypt communications over a computer network. You purchase an SSL certificate if you want your website to encrypt the transmission of data between the server and the client.
Why do I need HTTPS?
Back in the day, HTTPS was primarily for ecommerce websites or sites that did online financial transactions. Now, there isn’t a single good reason for any website not to purchase an SSL certificate.
Here are the 3 main reasons:
Verify Ownership (Authentication) – visitors can verify the SSL certificate belongs to the website they visit
Data Integrity – prevent hackers from tampering with client information while the data is in transit.
Encryption -this make sure communication is secure between your client and your webserver (website) and only authorized people are reading those communications.
How to go from HTTP to HTTPS
While there are several necessary steps to doing SSL install, it is a relatively simple and cost-effective procedure. Most hosting companies will likely assist in the upgrade but always make sure that other non SSL and server procedures are taken care of. Here are several items you will need to switch to HTTPS.
- Make sure to secure the correct certificate
- Install the SSL certificate on your webserver
- Configure your website to point to HTTPS instead of HTTP.
- Redirect all incoming requests for HTTP to the location of the HTTPS website.
- Google Search Console will need to Re-verify ownership of your site, and you will need to update the location of the sitemap.
- Google Analytics web property configuration will need to be updated
- Make sure to test change over was successful.
Although your domain is the same, you now have a new website address with the https prefix. Which is why the redirects, analytics, search, marketing or content delivery systems need to be updated to your new secure site URL.
During the change over Google will need to re-index your site and there is a chance that traffic to your site will drop briefly. This is also another important reason you want to make sure all your redirects are working correctly.
Remember the decision isn’t whether you will make the HTTPS switch but WHEN. The good news about your move to HTTPS is that Google will love you…or at least trust you a little more. We have experienced site rankings go up once moving to HTTPS and believe you can still get a little Google boost reward for the switch.
If you need help to make the switch contact Big3Media at 778-200-3130.