Why You Should Secure Your Site with HTTPS

For several years now, Google has been encouraging website owners to implement SSL certificates. It all started back in 2014 with the HTTPS Everywhere campaign where the goal was to raise awareness of the security by implementing SSL certificates. SSL later became a Google ranking signal to further encourage its adoption by having a direct impact on your sites SEO .

We still have a way to go, as currently less than 40% of all websites are encrypted with SSL. Google are therefore taking the next steps to change that.

Effective July 2018, Google SSL requirements will be enforced by flagging sites without SSL as unsafe in Chrome.

This change goes beyond punishing users by lowering their search rankings and now directly impacts of the the way web users think about their online security.

SSL certificates are designed to give users confidence about the sites they visit and potentially purchase goods and services from. If you don’t implement SSL on your site you could easily jeopardise your business.

This article will explain what an SSL certificate is, how it works, how to install one, and more.

What is an SSL Certificate?

An SSL certificate is effectively a text file that you install on your server that contains encrypted data. This allows you to secure/encrypt sensitive information and communications between your website and your audience. When installed on a web server, it activates the padlock and the HTTPS protocol (over port 443) and allows secure connections from a web server to a browser.

SSL stands for ‘Secure Sockets Layer,’ and by design encrypts all data passed between web browsers and servers so that data remains private.

Without valid certificates, websites cannot establish a secure connection with web servers, meaning that users will not be digitally connected to a cryptographic key. This puts your company’s and your customers’ information at risk, especially considering current cyberthreat trends.

Why do I need an SSL Certificate?

One of the most important things in business is to make customers feel like they are visiting a trusted, reliable website where making purchases is safe. SSL establishes a secure connection which then reassures your visitors using visual cues. Seeing the lock icon or green bar when visiting a site can automatically make a visitor trust your company and take the next step in making a purchase.

The lack of SSL and HTTPS could potentially damage your brand. Visitors will be reluctant to purchase goods from your site and provide personal data. And now that browsers will be taking extra steps alerting visitors to your site, alerting them that it’s unsafe to proceed. People will avoid purchasing from you or even signing up to your newsletter through fear of having their details stolen. From an SEO perspective your conversions may plummet.

There are many kinds of SSL certificates, all of which will add credibility to your site and build trust. The one you choose will depend on your needs, so they must be considered first. If you have an E-commerce website, for example, an Extended Validation option is recommended for the best results.

Three different types are as follows:

• Domain Validation or DV
• Organization Validation or OV
• Extended Validation or EV

Net Solutions provides free Domain Validated SSL certificates as part of its cPanel Hosting. The service is called AutoSSL and is not just limited to websites. They are also used in email, SFTP, and various other internet technologies..

Once you enable AutoSSL, your hosting service will be secured with a free, Domain Validated SSL certificate. When the certificate expires a new, free SSL is requested and automatically installed.

How do I change my website to https?

Once you have installed your SSL certificate, the next step is to enable and configure it on your website. If you have an existing website that does not use SSL then you will need to move from HTTP to HTTPS. Below is the basic process:

1. Purchase your SSL certificate. If you wish to use AutoSSL on our hosting servers, you can skip this part
2. Configure hosting with SSL Certificate
3. Change all website links to HTTPS
4. Setup 301 redirects from HTTP to HTTPS or consider HSTS
5. Test that all your pages are serving HTTPS

Migrating your site to HTTPS can be a bit of a task, but luckily there are a lot of resources out there to help. Google has even put together a guide on their recommended process. With all the online help, there really is not a good excuse for lacking HTTPS.

Here at Net Solutions we work with clients to convert their websites, both old and new, into HTTPS versions. It’s a service that we provide every day and it gives lasting value to any company’s online presence.