With all of the online transactions we complete in the 21st century, whether it’s a bank or DMV transaction, online shopping, filing your taxes with the IRS, or simply just logging in to an online account, we want our personal data kept secure and private, right?
That’s why HTTPS is crucial in 2020.
HTTP (Hypertext Transfer Protocol) and HTTPS (Hypertext Transfer Protocol Secure) are the foundation of any data exchange on the Web. They’re what you see at the beginning of every single URL because they’re the protocol that sends data between a web browser and a web server.
HTTPS is the encrypted version of HTTP, which means it protects the communication between browser and server from being tampered by cyber attackers. Your data stays safe and secure. If you use only HTTP instead, it’s completely exposed.
So, how do you enable HTTPS on your website?
You can enable HTTPS on your website and the security that comes with it by acquiring an SSL/TLS certificate.
SSL = Secure Sockets Layer
TLS = Transport Layer Security, an updated, more secure version of SSL
Both SSL and TLS are the standard protocol for keeping an internet connection secure and protecting any data sent between two systems.
You can find out if a website has an SSL/TLS certificate by looking for the lock icon and “https.”
If you’re wondering how these certificates work, check out this diagram from Digicert:
If you’re asking yourself if you should care about having a secure, encrypted website, the answer is yes. HTTPS is undeniably better than HTTP. It protects your data and the data of your visitors from being stolen online. It’s suggested to not visit a website that is unsecured. In fact, Google penalizes websites that don’t have security certificates. Google Chrome prompts visitors to a “Not Secure” or “Dangerous” website.
Google and SEO
According to Google, “to help you stay on safe on the web, Chrome requires websites to use certificates from trusted organizations.”
Back in 2014, they stated that they have been “running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.”
Because HTTPS increases your site rankings on Google, it’s important to view this as an SEO benefit. HTTPS offers up advantages such as:
- Increased rankings
- Preserved referral data
- Security and privacy
- Authenticates the website/server communication
- Encrypts data and communication
- Avoids damage by third parties
If you’d like more tips on how to improve your SEO, check out our article, Best Practices: SEO for Blogging.
How to Secure Your Website with HTTPS
The process of setting up an SSL/TLS certificate on your website varies depending on whether you’re starting a new website or adding it to an existing website. Regardless of what point you’re at in your HTTP process, your first step will be to purchase a relevant SSL/TLS certificate.
The easiest way to complete the process of securing your website is to go through your website’s domain provider. Here are some of the most common domain providers’ steps for setting up your SSL certificate.
Here are some basic tips to get started, from Google themselves:
- Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
- Use 2048-bit key certificates
- Use relative URLs for resources that reside on the same secure domain
- Use protocol relative URLs for all other domains
- Check out their Site move article for more guidelines on how to change your website’s address
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag
It’s no surprise that internet security is a hot topic at this point in time. No one wants their passwords stolen or their credit card information hacked. Implementing HTTPS everywhere on your website secures your visitors and your own data from start to finish. Securing your site with SSL/TLS strengthens your brand and reputation, which in turn increases user trust.
- Does your website use an SSL/TLS certificate?
- How often do you see a “This Connection is Not Private” page?