For a few years, Google has been encouraging website owners to use HTTPS on their websites. They have added HTTPS to their search algorithm as a positive “ranking signal.” This means that they consider HTTPS usage as a positive factor when determining your site’s position in search results.
Earlier this year, Google released a new version of their Google Chrome browser, and they started to warn users that their connection may not be secure when they use Chrome when visiting a non-HTTPS website. With this release, they will now flag sites that don’t support HTTPS in increasingly punitive ways. Chrome commands over 50 percent of browser market share, so ignoring the use of HTTPS is not an option for website owners.
What is HTTPS?
HTTPS stands for Hypertext Transfer Protocol Secure – a complicated mouthful that indicates that the website has an added layer of security that goes above and beyond regular HTTP domains.
HTTPS add three key layers of protection:
1. Encryption – encrypting the exchanged data to keep it secure from eavesdroppers.
2. Data integrity – data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.
3. Authentication – proves that your users communicate with the intended website.
How can I tell if my site is using HTTPS?
Open your website in a browser, look up in the address bar to see if you see a green “HTTPS” and lock icon, similar to the following image:
If you get a green lock, great! If you get any other type of message or warning, you don’t have a properly configured SSL certificate on your site.
What to do if my site doesn’t have HTTPS?
Generally speaking, most hosting providers have a service to allow you to enable HTTPS/order SSL certificates. Thanks to Let’s Encrypt, SSL certificates can be obtained for free and renew automatically (renewing SSL Certs is typically a technical pain point). Most hosting providers have a Let’s Encrypt integration that will allow you to quickly and easily add HTTPS to your website. However, configuration is required to move from HTTP to HTTPS and it will likely require the assistance from the company that built your site.
What’s the takeaway?
Here are a few reasons to consider securing your site:
- If you are building a new site (or have had a site launched in the last 12 months), ask your hosting provider about securing/encrypting your site. It will be well worth the effort and very helpful for the future of your site. Ask specifically for a Let’s Encrypt SSL Cert, as they are free and renew automatically.
- Visitors can verify you are a registered business and that you own the domain. (Customers are more likely to trust and use websites that use HTTPS).
- If you sell anything or have sensitive/private information sent through your site, SSL is a must! Customer information, like credit card numbers, is encrypted and cannot be intercepted.
- HTTPS gives your website’s SEO a boost in ranking. If you are interested in getting a competitive edge in your organic search ranking and secure the top spot, you will need to add https to your domain.
- And last but surely not least, AMP requires https. Google developed AMP, Accelerated Mobile Pages, to ensure that content has been optimized and streamlined so that it displays quickly and correctly on the screen of a smartphone. Research has shown that people use mobile devices far more than desktop these days and Google has already made it clear that moving forward, mobile optimization will be a huge ranking factor. In fact, it is safe to say mobile optimization is the future of SEO.
At this point, switching over to HTTPS should be a no-brainer. Increasingly, modern browsers and most progressive web apps require https to perform properly, so if you haven’t yet added https to your website, it could be only a matter of time before you have little to no choice in the matter.
If navigating these options or making changes to your website files seems overwhelming, please don’t hesitate to reach out. We will be happy to answer your questions about website hosting.