Why Convert to HTTPS?

HTTPS is a must in e commerce, now it is the standard for all types of websites. Learn about what https is and why you need to convert your website to it. It is not as involved as you probably think it is.

Steven Johnson
by | Posted: February 13, 2017 | Updated: February 15, 2017
Blog Post Image

HTTPS is steadliy becoming the standard for all web traffic.  While you may think it does not apply to your website, it does.  

HTTPS Benefits: 

  • Protect your visitors privacy
  • Improve security of traffic to and from your visitors devices.
  • Improve Visitor Confidence in your site.
  • Improve your SEO Rankings at Google.
  • Improve Analytic and Refferer tracking information.
  • Be one more item checked of your list you no longer worry about. 

 

What is HTTPS?

HTTPS is a security layer that encrypts all traffic between your website and visitors. 

This is all well and good but not many users will notice or care about this but what they do see is a greeen https lock and text in the browser address bar when they visit your website.

HTTPS in Chrome

chrome extended ssl lock 619x204

HTTPS in Firefox

firefox extended ssl lock 579x194 

 

Why do you need to encrypt your web traffic?

With HTTPS you will protect your visitors privacy - you do not want to expose your visitors or let others know what people are viewing at your website.

Improved Security (not just encryption)

  • Authentication - Am I talking to who they say they are?
  • Data Integrity - has the data been compromised or tampered with?
  • Encryption - Is anyone else able to view the data transfer or conversation?

Improved Visitor Confidence when they see https and the green lock in the browser

You get more information in Google Analytics and Google Seach Console

It is 2017 - https is becoming the standard.

SSL by Default Usage Statistics 

Source: https://trends.builtwith.com/ssl/SSL-by-Default

 

 

What are the SSL Certificate Levels

Extended Validation SSL - Name and Green Bar

chrome extended ssl lock 619x204

This is the highest level and require more documentation and is more expensive. It has the same security standards as teh Standard Validation SSL

Standard Validation SSL - Green Lock but no name

chrome standard ssl lock 715x222

This is the most common level of SSL. It is sold by many providers, is less expensive or even free.

SSL with Errors - shows https but a yellow warning triangle is shown and not green text is shown.

chrome all monster fighters lego sets 566x237

This is not really a level of certificate but an example of what one of the two above certifications will look like if not property configured. Visitors can see that the site is SSL capable but something is not quite right. This is one of the sites we manage and I broke the ssl on the page to get the screenshot, after taking the screen shot I corrected the page back.

 

What does it cost?

Paid

SSL certificates can vary from $50/year to $300/year. There is now a great company offering free options.

 

Free

Lets Encrypt https://letsencrypt.org/ is a fantastic free option. This site / company / project is sponsored by many of the major web players including Facebook, Cisco, Shopify, SiteGround (excellent Siteground Review) mozilla, and many many others.

This site provides free standard Validation level SSL certificates and a fantastic option for many business webiste that need standard level encryption.

 

Let's encrypt is really picking up speed and many hosting companies have a let's encrypt plugin which makes installing a Let's Encrypt SSL even easier.

Here are the hosts that we know offer a one click intstall.

  • CloudAccess.net
  • SiteGround
  • Rochen Hosting

 

 

What does Google say about SSL

They think all websites should be SSL

In 2014 Google Announced HTTPS/SSL sites will get SEO ranking boosts.  

https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html

http://searchengineland.com/google-starts-giving-ranking-boost-secure-httpsssl-sites-199446

 

2014 Google I/O presentation - Google Search Developers disussing https

 

2016 Share Pesentation 

https://www.brightedge.com/resources/videos/share16/google-keynote

Thao Tran, Global Product Partnerships, Google states that https is really the new web standard. It is at the very end of the video.

 

 Also in 2014 Matt Cutts of Google said he would like to see google give a ranking benefit to sites who use SSL

http://searchengineland.com/ranking-benefit-making-site-ssl-yet-googles-cutts-like-make-happen-186810

Well it is now 2017 and it has happened.

 https://www.brightedge.com/blog/http-https-and-seo/

 

 

How to convert to HTTPS

1. Get the new SSL certificate - This can either be a paid SSL cert of a free one from Let's Encrypt

2. Install the SSL Certificate on you webserver - This is typically done by your web hosting company

3. Force your site over to display through SSL - This means your site can only be accessed through SSL

How to do this in Joomla

How to do this in wordpress

4. Look for any errors that stop your site from getting the green padlock

Typically images or other embedded information that is called and viewed using http

Can also be CSS or JS pages that break when loaded via SSL

5. Update your settings in Google Analytics

6. Update your settings in Google Search Console

 

 

Great HTTPS Tools & Resources

https://www.whynopadlock.com/

Follow Online Backup Search at Twitter Online Backup Search Feed Online Backup Search on FacebookOnline Backup Search on YoutubeIntown Web Design on Google+ Page

Our Latest Information

Sign up to receive our latest and best information.

Tips, Tricks, Happenings and the Best Intown Web Design News.

Our newsletter will make your wildest dreams come true.