Over the last few months, I have had multiple clients come to me with a request to move their site from HTTP to HTTPS. This process may seem simple but for an established site with good traffic coming from search engines the transition can be a risky move. Let’s talk about what HTTPS is, why you should be using it, and some of the benefits.
What is HTTPS anyway?
For a few decades, most web traffic has been communicated over HTTP, the Hypertext Transport Protocol that moves information across the internet unencrypted. HTTPS stands for HTTP over SSL, HTTP over TLS, or HTTP Secure, and it means that the information is encrypted before transport to provide a more private and secure web experience. The delicate issues of privacy, security, and encryption continue to gain more mainstream buzz as consumers have become more concerned about these topics.
Google prefers sites that are available over HTTPS
Back in 2014, Google made a strong move to put pressure on sites to use HTTPS instead of HTTP by making it a factor in search engine rankings. We all want better search engine rankings, right? So don’t get left behind because your site is on HTTP instead of HTTPS.
In January 2017, Google released an update to Chrome that adds a “Not Secure” warning near the address bar for any non-HTTPS pages collecting sensitive information like passwords, credit card numbers, etc. WordPress login forms will show this warning if the site isn’t using HTTPS, and this can hurt your reputation with site visitors or potential customers.
All major web browsers have decided that they will only support HTTP/2 over TLS so using HTTPS is the the first step to gaining the benefits of HTTP/2. If your web host supports HTTP/2 you can look forward to improved performance due to the single connection with multiplexing and header compression. The switch to HTTP/2 can be very easy and there really isn’t much downside.
Some web hosts like SiteGround and WP Engine have integrated HTTP/2 in their hosting configuration so that as soon as your site has an SSL certificate (HTTPS) the benefits of HTTP/2 are available to compatible browsers.
New sites have no excuse not to be on HTTPS
The move from HTTP to HTTPS can be a scary process for existing sites, but anyone starting a new site or who has a site with limited search engine presence should be using HTTPS now. Don’t waste your time by establishing your reputation at an HTTP url just to have to redirect that traffic and be reindexed by the search engines in the future when you switch. If you are starting a new site please just set it up with HTTPS from the start and reap the benefits.
Getting an SSL certificate
A lot of smart web hosts are implementing Let’s Encrypt’s wonderful Free SSL certificate service into their hosting control panels, lowering the barriers to HTTPS usage for everyone. I wouldn’t recommend the Let’s Encrypt certificate for serious ecommerce stores or sites that will be storing very sensitive information, but for most small business sites, membership communities, and blogs it is a great improvement over not having any encryption. For sites that require a more comprehensive SSL certificate, those can be purchased from your web host or companies like Comodo, Digicert, or GeoTrust. The process to obtain one of those premium certificates is definitely more time consuming and thorough, but it also shows the users of your site how serious you are about security and protecting their privacy.
It isn’t a question of if you should switch to HTTPS, but when
The percentage of sites runnings HTTPS is growing rapidly and moving to HTTPS has its benefits, but large sites should take the time to carefully plan, prepare, and execute the transition. A site running HTTPS is better for the visitors of the site, can help your sites search engine rankings, and allows your site to use HTTP/2.
If you run a site, then moving to HTTPS should be on your radar. Don’t take too long to jump onboard the secure train.