Does my website need to be HTTPS?

Do I need https?

01 March 2018

web security,

There has been an effort by browser vendors to encourage business to improve security to protect all users, and this is achieved in part by enabling HTTPS (Hypertext Transfer Protocol Secure) on business websites.

“We encourage you to adopt HTTPS in order to protect your users' connections to your website, regardless of the content on the site.

What is HTTPS?

HTTPS encrypts data that is sent between a browser (eg Google Chrome) and the web server where your website is hosted. This ensures the transferred data remains private, while also protecting the data from being modified or corrupted (intentionally or otherwise) without being detected.

Google, Mozilla and other browsers now flag all non-https website connections as not secure.

For example Google will display Secure and https:// instead of Not secure and http:// next to your website’s URL if  HTTPS is enabled:

How is HTTPS enabled on my website?

An SSL security certificate must be added to your website to enable HTTPS.

SSL (Secure Socket Layer) is the standard security technology for establishing the encrypted link.
Your webmaster or web developer can assist you with this upgrade, which will also include a review of your website to ensure all content can be delivered  securely after the certificate has been applied.

What are the benefits of making my website secure? 

Website visitors are becoming increasingly more savvy and will know their connection is secure as the browsers will provide visual cues, such as the lock icon and the word ‘Secure’. They will be more likely to interact  with your website.

If your website has online forms used to collect personal data (such as name and email), visitors are more likely to trust your business and connect with you by providing that information.

Google started using HTTPS as a search ranking signal back in 2014, indicating that websites available over HTTPS will get a small advantage in search results over websites that are HTTP. For example if two web pages are 'equal', the Google search engine will prefer the website with HTTPS. 

If your website has ecommerce, you should already have SSL in place to encrypt your customers’ credit card information. Note most proprietary systems already include an SSL certificate on the store or checkout pages. It is now recommended  to extend HTTPS to your entire website.

What steps do I need to take next to secure my website?

Your web developer can assist you with this upgrade, which will also include a review of your website to ensure all content can be delivered securely after the SSL certificate has been applied.

Photo by John Moeses Bauan on Unsplash