You’ve probably heard a lot about HTTPS in recent months. For those who don’t know, HTTPS stands for Hypertext Transfer Protocol Secure. It’s the secure version of HTTP. If you look at any website address, they all start with http://www. or https://www. This tells you if a website is secure or not. You should also see a small padlock next to the URL in your browser if the site is secure.
In its simplest form, HTTPS allows information transferred between the user and your website to be sent using a secure protocol. Without the HTTPS, information can be intercepted for both malignant and benign reasons. This can vary from hackers trying to extract sensitive information about your website users, right down to nuisance hackers just trying to interrupt your website performance.
The most common way to secure your website is by purchasing an SSL certificate. This certificate binds together your domain name, server name or hostname with an organisation identity or location. In simple terms, it’s like the equivalent of showing your ID before buying a beer. Only you can use that ID and it proves to the bartender that you who you say you are.
In internet terms, purchasing an SSL certificate will activate the padlock symbol in the URL bar and allow your website to use a secure protocol to transmit encrypted information which is much safer for website users.
Why is HTTPS important?
In recent months, some web browsers have started to favour HTTPS over HTTP. When using a browser such as Google Chrome, you may find that navigating to an HTTP website results in a warning message. This can be disastrous for your website as users are unlikely to override these warning messages. This can lead to customers assuming that your website is unsafe.
According to Google, HTTPS is not so much of a suggestion as a necessity. In their blog post, they offer three reasons that website owners should consider obtaining an HTTPS certificate. These include:
- Protecting the integrity of your website
- Protecting your users’ data and information
- It will allow your site to make the most of the latest advancements
There is also evidence that HTTPS is a ranking factor for Google. This isn’t a new development, and websites have been able to make the most of this ranking bonus since 2014. Now, it’s becoming essential if you want your website to show up in search results.
A common misconception is that you only need a secure website if you handle sensitive information like credit card details, but this couldn’t be further from the truth. Every website, large or small, can benefit from using the HTTPS protocol.
Without a secure website, most web browsers will go out of their way to let users know a website isn’t safe. For example, if you use Chrome and navigate to an HTTP site, you will see the following warning.
If you’re trying to instil a sense of trust in your customers, this warning isn’t going to help to bolster your reputation as a trustworthy company.
There is also the risk that an unsecured website can become a target for hackers. As more and more sites adopt the HTTPS protocol, the list of viable targets will become shorter. You don’t want to be one of the few websites left that represents a target to hackers. Adding malicious links or pages to your website without your knowledge is big business for black hat SEO practitioners. These can be damaging to the user experience and also lead to manual action penalties which can see your SEO rankings plummet.
HTTPS may have been optional this time last year, but it’s time to start thinking about the future of the internet and making sure that your website is future-proof.