SPOILER ALERT: The S in HTTPS stands for Secure.
In Layman’s terms, when you see HTTPS before a web page address in your browser, it means you’re on a page that is more difficult for hackers to access.
When your site is not secure, you’ll have a more challenging time attracting visitors and keeping them on your site. It’s understandable — no one wants to enter their personal information into a website that they know is not secure. Taking the extra steps necessary to create a secure site is well worth your time and effort.
When your site is not secure, you’ll have a more challenging time attracting visitors and keeping them on your site due to warnings like this one from Chrome.
The hypertext transfer protocol (HTTP) is the key that opens the world wide web. These four letters tell our browsers to pull up web pages at specific links. But what does it actually mean when you see HTTPS instead of HTTP at the beginning of a web address?
We’ve explained that the S in HTTPS stands for Secure, but let’s dive in a little deeper. The S stands for the S in Secure Sockets Layer (SSL), a protocol used to protect communications between a server and client. SSL uses encryption to prevent any “eavesdroppers” from accessing or hijacking your online activity.
In addition to SSL, HTTPS is also secured by the Transport Layer Security (TLS) protocol. TLS enhances data integrity to prevent the transfer of data from being corrupted. TLS also allows for authentication to occur, which proves to visitors that they are communicating with the website they intended to access. TLS can prevent browsers from being hijacked by cybercriminals.
Essentially, when you transfer information (like a password or credit card number) across a secure connection, hackers can’t see it because it has been encrypted. On an insecure site, hackers can see any information you submit as plain text.
One particularly risky behavior many people routinely take is using public WiFi.
Access to public WiFi has changed the way people work, communicate, and shop. With a few clicks or taps, you can be browsing the web from the airport, coffee shop, or even the grocery store.
There’s no doubt that being able to connect to the web across public WiFi networks is convenient, but is it safe?
Candid shot of a hacker catching you transferring files from your personal device to your work device over public wifi.
According to the 2018 iPass Mobile Security Report, 81 percent of CIOs indicated their company had experienced a WiFi-related security incident in the prior year. Sixty-two of these events occurred in cafes and coffee shops.
As work-from-home arrangements become more popular, public WiFi connections pose threats to companies sharing data from the cloud. In response to a recent survey, nearly 75 percent of VPs and C-suite IT leaders revealed that they consider remote workforces a higher security risk, and for good reason.
More than three-quarters of remote employees take no privacy measures when working in a public space. Almost half of these workers say they transfer files between work and personal devices. These scenarios are a hacker’s dream come true.
In 2018, Google announced that it would begin displaying warning pages on its Chrome browser for users when they access an insecure (HTTP) site. This was an impactful announcement because nearly 50 percent of US internet users and 67 percent of users worldwide use Chrome.
Many visitors will immediately leave a site when this type of warning is displayed. This activity can impact bounce rates, advertising impressions, affiliate clicks, and eCommerce sales.
Another Google-related reason to switch to HTTPS is that the search engine’s ranking algorithm prefers secure pages. HTTP pages will always rank lower in organic search results, other factors being equal.
HTTPS also comes into play when you’re developing mobile-responsive pages. The Google algorithm also ranks sites higher when they have been optimized for mobile screens. If you want to make use of Google’s Accelerated Mobile Pages (AMP), you’ll need to switch to HTTPS.
AMP enables mobile devices to load content at a much faster rate. A simple way to understand how AMP works is to think of it as a kind of bare-bones HTML. AMP content features prominently on Google search engine response pages (SERPs).
HTTPS is a must if you need to improve your SERP rank or make your site more mobile-friendly.
To change a webpage from HTTP to HTTPS, you’ll need an SSL certificate. This small data file binds a cryptographic key to a specific organization. When you have an SSL certificate and someone accesses your site, the web server will activate the https protocol. It also triggers the padlock icon you often see in your address bar to appear.
SSL certificates use public-key cryptography to establish secure connections.
Public-key cryptography uses a secure shell (SSH) key pair consisting of a public key and a private key. The public key is configured on a secure server to authenticate and allow access to users who have a copy of the private key. These keys must be carefully tracked.
You can purchase an SSL certificate from many online providers. They must be renewed every 12 months to protect your site, it can be quite a hassle if you let your SSL certificate expire.
There are a few key factors to keep in mind when switching to the HTTPS protocol. Be sure to:
Each of these actions will help to protect your current SERP rank and enhance your future rank.
To add an S to your HTTP and avoid scaring off website visitors with browser warnings, you’ll need to purchase an SSL certificate.
Once you purchase an SSL certificate, be sure to keep track of its expiration date. Consider using a tool, such as WatchTowerHQ, to minimize this risk by automating the reissue process or sending reminders about upcoming expiration dates.
WatchTowerHQ provides information on where your SSL cert is issued through when it expires, and how many days your SSL certificate is valid. Check out our pricing plans.
