We are well into 2017, yet there are still businesses whose websites are using unencrypted hypertext transfer protocol (HTTP) as opposed to the encrypted version of it, HTTPS. While this may all sound scary or overwhelming to you, switching over to HTTPS can bring your website a number of benefits. However, before we break down those benefits, we’d like to detail exactly what HTTP and HTTPS do.
HTTP or hypertext transfer protocol was designed back in 1999 as a way browsers and servers to communicate with each other. The problem is that it frequently runs into (and still does), handling sensitive information. When you entered confidential information (emails, phone, address, billing details, etc.) on an unsecured site and then navigated away to another unsecured (read HTTP) that may be compromised by hackers. That transfer of data could then be captured. HTTPS came around to essentially wipe out the referring data when navigating to an HTTP site from an HTTPS site.
According to a MOZ article written back in 2014, just prior to the release of HTTPS, Google actually announced that servers using HTTPS would receive an SEO boost. In addition to a boost in search result rankings, HTTPS delivers more referral data and additional security and privacy. You should really consider using this any place there is a contact form, sign-up form or eCommerce section. Really any place that a user would enter personal information, you should use HTTPS.
So why hasn’t everyone done it?
1. It can be a long and complicated process. You’ll want to do the following:
- Use 301 redirects to point all URLS to HTTPS from HTTP
- Canonical tags use HTTPS versions of the URLs
- Register HTTPS sites to Google and Bing Webmaster Tools
- Update internal links
- Update your Robots.txt file to make sure HTTPS sites aren’t blocked
- Implement HTTP Strict Transport Security (HSTS)
2. It can cost money.
- Some cases it is free (Squarespace for example, uses the latest HTTP2 automatically)
- However, SSL (secure sockets layer) certificates can range between $0 - $200 per year
- Bluehost uses Comodo for their web hosting encryption for WordPress sites
If you are unsure, talk to your current website hosting provider about switching.