Why You Have to Switch Your Site to HTTPS… Now

Is your website secure? If you aren’t collecting credit card information or taking payments, you may think that the recent Google Chrome update to HTTPS protocol has anything to do with you.

You’re wrong. It does. The fact is that every company should be upgrading to HTTPS to be in compliance with Google’s new rules and updates. It might not affect you immediately if you don’t but make no mistake. It can negatively impact your conversion rates when customers see your website is NOT SECURE. Additionally, there is a side benefit of switching to HTTPS and that’s a slight bump in your rankings on Googles Search Engine Results Page.

What Is HTTPS?

The first thing you need to understand is the difference between HTTP and HTTPS here.

HTTP stands for Hyper Text Transfer Protocol. From the early days of the internet until recently, HTTP was the standard protocol used to share information on the web.

The downside of using HTTP is that anybody can read it. There’s no encryption, so it is relatively easy for hackers and thieves to access information on a website that uses it.

HTTPS stands for HyperText Transfer Protocol Secure. It’s typically used for any page online where secure information is transmitted or collected, including sign-in pages that require a password and payment pages.

When information is transmitted on a page using HTTPS, it is done using a Secure Sockets Layer (SSL), which is also sometimes referred to as a Transport Security Layer (TSL).

In other words, the difference between HTTP and HTTPS is encryption. Only someone who knows the code used to encrypt a site that uses HTTPS can collect information from that site. HTTPS ensures that data cannot be altered in transit without your knowledge, and it provides the people who visit your site with proof that your site is authentic.

What Changes is Google Chrome Making?

Starting soon (as soon as Chrome 56 comes out), Google Chrome will label all non-HTTPS pages that collect passwords or credit cards as Not Secure.not secure http website

The current protocol shows a green lock next to the URL of secure sites and no lock next to the URL of sites that aren’t secure. Google determined that the absence of the secure lock symbol was not adequate to keep people informed about the potential danger of typing private information into a site that wasn’t secure.

Starting this month, pages that do not use HTTPS will have the words “Not Secure” before their URL. The risk to companies whose sites are not compliant is that visitors may be reluctant to enter their information or to trust your site.

How Can You Update Your Site?

There are several steps you’ll have to follow to update your website to HTTPS protocol. Let’s walk through them since there are some that might not be immediately obvious.

Get a Security Certificate for Your Website

The first step is to obtain a security certificate for your site. Many web hosts offer security certificates for purchase. If you have a simple domain name, you can get away with a single-use certificate. Websites with many subdomains will need a wildcard certificate to make sure every page on their site is covered.

If you own more than one domain name, you may qualify for a multi-domain certificate that will cover every domain name owned by you or your company. (All domains must be owned by the same person or entity to qualify.)

Install Your New Security Certificate

The next step is to install your new SSL certificate on your website. The process differs depending on which operating system you use. You can find detailed instructions by clicking here.

Redirect Traffic to Your New Site

The third step is important because it will help visitors to your site find you now that you are using HTTPS protocol. Once our SSL is installed, Google will see your site as a new website. That means you have to redirect traffic to it usually inside of your .htaccess file.

You can find detailed instructions from Google on how to create HTTP 301 redirects here.

If you are familiar with modifying your .htaccess then you can use the following code:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://yourdomain.com/$1 [R=301,L]

Create a Robots.txt File

robot text fileOnce you have redirected traffic to your new site, the next step is to make it easy for Google to crawl and index your new site. The way you can do that is to create a robots.txt file for Google to use.

You can find complete instructions on how to build a robots.txt file here. Note that it may take two or three weeks – but it shouldn’t take longer than that – for Google to get around to crawling your updated site.

Create Error Messages for Pages Not Being Updated

As you go through the process of updating your site, you may discover that you have old pages you don’t want to upgrade. If that happens, the best thing to do is to create HTTP 404 or HTTP 410 messages for them.

You might be tempted to redirect traffic to your home page, but it’s a mistake to do that too often. The home page won’t be relevant for most of the content that you’re redirecting, and you may end up with a soft 404 message as a result.

Update Your Search Console

The final step is to log into Google Search Console and update your URLs and other site information. You’ll need to:

1. Check your URL parameters to make sure they include both your old and new sites
2. Check the geotargeting for your new site to make sure it matches your old site
3. Update your crawl rate – it’s best not to put any limitations on how Google can crawl your site
4. If you disavowed any backlinks on your old site, you’ll want to do the same for your new site.

Moving forward, it’s a good idea to track your analytics and make sure that traffic is being correctly redirected to your new site.

Consider Switching Your Host (Hint.. hint.. Siteground)

Finally, you may want to consider changing your host to one that makes it easy to update everything. The host we like to recommend is Siteground. We like Siteground because:

1. You can transfer your website for free
2. It offers super-fast loading
3. You’ll have the option of 1-click integration with CloudFlare CDNsiteground hosting
4. You’ll get a free SSL certificate when you switch so you can update your site to HTTPS
5. They have kick-ass 24/7 customer service to help you every step of the way

If you want to try Siteground, please click here to get started.

 

Conclusion

The bottom line is that you can’t afford to wait any longer to update your site to HTTPS. Starting very soon, the dreaded “Not Secure” label will appear on all sites that don’t use it, and it has the potential to erode your visitors’ trust in you and your site. To learn more about our SEO services, please click here.

Leave a Reply

Shares