Find out if you need to upgrade and how to do so below…
HTTPS (also called SSL, and HTTP Secure) is a protocol for secure communication on the internet. It works by ensuring that communications between the users’ browsers and the website they’re browsing are encrypted; thereby adding an extra layer of security.
You may have noticed that many companies have already upgraded their websites and are wondering whether you should too?
Here’s what you need to know.
Google have been encouraging sites to make the change, but have not explicitly punished or penalised those who don’t (more on that below). The main benefits of upgrading are threefold:
[Let’s start with benefit 1…]
As mentioned above, HTTPS encrypts communications between the users and websites, making it much more difficult for nefarious sources to have their wicked way with user information or data.
Obviously, this is especially important for sites that require users to enter payment details, credit card numbers, passwords or a lot of personal information. But for sites that don’t collect any user data it’s much less of a deal.
In the past, Google didn’t penalise or punish sites that hadn’t upgraded, but that’s about to change.
Google have made it clear that, in 2017, HTTPS will become a necessity for sites that require users to log in or fill in credit card or payment information.
According to Google, as of January this year Google Chrome will begin to mark HTTP pages that require a password or credit card payment details as ‘non-secure’ and warn website visitors of the threat.
In other words, visitors to those sites will be shown warnings and told that the site is not secure.
Not exactly the best way to drive customers down the funnel.
“Site owners need to embrace https:// and get an SSL certificate installed – Google Chrome is going to update in January of 2017, and any website that has a login, password or a credit card field and does not have SSL implemented will have a warning that the page is not secure” – Scott Henderson
Upgrading to HTTPS does come with a small ranking benefit. This benefit is so small that most sites don’t actually notice a change when they upgrade, but Google assures us that is is there.
Because of this, most SEO experts felt that the juice isn’t worth the squeeze just yet (upgrading to HTTPS is a big process), unless your site is one of those that requires login details, user data or payment information (like those mentioned above).
If you just have a simple website and blog and all you require from your users is to enter their email addresses to opt in to your email lists, you probably don’t need HTTPS for security reasons just yet.
If you have an e-commerce site, accept payments, require a login or collect users’ personal information for any reason, you need HTTPS on those pages at a minimum, but preferably on your whole site. If you don’t, we suggest that you get cracking.
Looking to the future, however, even if you don’t fall into this category you should probably think about upgrading. Google is getting more serious about security and we predict they may start to offer more benefits/penalties across the board in the future.
If you’re not confident in your abilities, rather hire a professional who is. The upgrade is like a mini site migration and there is a lot that can go pear shaped.
We suggest you start by reading Google’s Official HTTPS Guide and take it from there.
[See here a step-by-step guide on how to upgrade your website.]