D-Day for switching your website from HTTP to HTTPS has come and gone. It used to be that only e-commerce websites needed the HTTPS protocol and site visitor protection secured by an SSL Certificate. Google announced that with the release of Chrome 68 all websites needed to be secured with an SSL certificate and the HTTPS protocol, otherwise, every unprotected HTTP website can potentially reveal your visitor’s private information, such as browsing habits and even their identities to intruders gathering information to compile user profiles and steal identities. To that end, Google will alert every visitor to your unsecured website with the following message:
Website visitors who see this are going
to click away, never to return!
WHY IS GOOGLE CHANGING THIS?
Google explains that this change is designed to make “the web safer for everyone”. There are a couple ways that HTTPS improves safety online:
- Using HTTPS helps make websites more secure by protecting passwords from being intercepted by hackers.
- An HTTPS web also improves privacy by making it harder for your internet service providers (ISPs) to track users’ web activities.
SO HOW DO I GET HTTPS?
It used to be that only e-commerce websites or websites with shopping carts needed to be secured with an SSL Certificate and the HTTPS protocol, but Google, Yahoo, Bing, and other search engines have all upped their game making the secure HTTPS protocol necessary for ALL websites.
SO, WHAT IS AN SSL CERTIFICATE?
A Secure Socket Layer (SSL) certificate is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. So, when an SSL certificate is installed, the website’s URL protocol will change from HTTP to HTTPS and a green security padlock will also be present in the URL as a way to further signal the secure status of the website.
HOW DO I GET AN SSL CERTIFICATE?
Never fear, the SSL Certificate is something your website host will install for you, usually for a modest fee of around $60-$90/yr (basically a couple of $$ per month)… However, that certificate then needs your site to have ALL the old HTTP links, images and scripts converted to use HTTPS instead. Do you know that little green “padlock” symbol you see on many websites – there’s actually one at the top of this page you’re reading right now! Well… that’s the symbol that lets you know that your connection to whatever website you see it appear on is secure! Meaning, hackers should not be able to intercept sensitive information about the site and/or it’s users without a revolution in quantum computing. Last, but not least, you’ll need to resubmit your site for indexing via Google Webmaster Tools as the HTTPS version of your site is actually considered to be an entirely different website! So all that indexing and passive search engine optimization you’ve done in the past won’t be worth much unless you resubmit your newly secure site to Google.
OH MY GOODNESS, THAT SOUNDS LIKE WAAAAY TOO MUCH WORK!
The conversion from HTTP to HTTPS is more nuanced than most people realize, it can be hours and hours of hunting through files for the inexperienced to find and replace links, images, and scripts with their secure versions…But, never fear – I provide SSL conversion for WordPress users for $149/site and you’ll be staring at the Green Padlock icon next to your URL in no time! Feel free to contact me for a free consultation!