Why you need to switch from an HTTP to an HTTPS website

Making your website secure

The web is changing to HTTPS. To continue taking payments via a widget on your website it is absolutely vital that you now have a valid SSL certificate (https) on your website. Even if you are not taking payments your widgets must be hosted on https.

How Google is tackling http websites

Since January 2017 Google has began marking http pages that collect passwords or credit cards as non-secure. This is part of Google’s long term strategy to mark all HTTP sites as non-secure. Across 2017 we have seen Google continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users would normally have higher expectations of privacy. Google is even going as far as changing the HTTP security indicator from a broken lock icon to a red triangle – that is normally used to inform users of broken HTTPS.

Why is this important?

When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you. Meaning that important details ( such as personal data and payment info) can be intercepted by unwanted third parties.

A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS usage is consistently increasing. In January 2017 Google and Mozilla both reported that more than half of the web was now encrypted / using HTTPS Chrome desktop page loads now served over HTTPS. In February, 12 more of the top 100 websites have changed their serving default from HTTP to HTTPS.

Google’s Opinion on https

It shouldn’t come as a surprise that Google prefers sites that are trusted and certified.

This is because users can be guaranteed that the site will encrypt their information for that extra level of security. However, you should understand that getting a certificate can be an involved task (which is why it allows for higher ranking benefits).

Easy ways to make your website secure

Getting secure is easy, there are loads of handy web resources packed with info on getting secure and where to purchase your SSL certificate.

  • Google has provided the following tips for best practices when switching to HTTPS
  • 5 Reasons Why HTTPS Should Be Enabled on Your Website. Written by Amanda Zantal-Wiener. Read more.
  • Let’s Encrypt is a free, automated, and open Certificate Authority. Discover it here.