Is your site secure? If not, you’re fast-approaching the deadline to make sure it is. Google has set a ticking time-bomb and your website may suffer if you aren’t in compliance with Google’s self-imposed HTTPS deadline: July 2018.
The idea behind the deadline is to encourage a more secure internet. Google advocates those sites with a HTTPS encryption. HTTP sites will no longer be viewed as “secure”. In fact, you’ve probably noticed the “not secure” marking on some sites that you previously thought of as safe to visit.
As of July this year, the release of Chrome 68 will be accompanied with the tagging of “not secure” for all HTTP sites. Since over half of all Internet browsers nowadays are Chrome, this could affect a significant number of web publishers.
Think your customers are going to want to stick around on an insecure website? No matter how loyal they may be, their security and data protection are more important. They’ll move onto your competitors that paid attention to the HTTPS deadline.
So, act fast when it comes to upgrading to HTTPS. We’ll show you how.
What is HTTPS & Why is it Better?
Making sure that users feel safe when they’re browsing is in your best interest. A concerned visitor will negatively impact your bounce rate, click-through-rate, SEO and sales.
Talking about the HTTPS deadline, Google said:
“Chrome’s new interface will help users understand that all HTTP sites are not secure and continue to move the web towards a secure HTTPS web by default.”
The primary difference:
HTTP – HyperText Transfer Protocol. Basically, this describes the protocol used to send data between a user’s browser and the site they’re connected to.
HTTPS – HyperText Transfer Protocol Secure. As above, but secure. Messages between the browser and site are scrambled, so no one else can read them.
So, what exactly does that friendly-looking, green HTTPS tag signify for visitors?
- Their credit card information is safe. HTTPS websites can guarantee that no one is able to steal their information, so they can enter and save credit card information – and other personal data – without the worry of theft or misuse. If you run an eCommerce store, this could mean the difference between a customer and a bounce-rate statistic.
- The code used is unreadable by hackers. Computers that use HTTPS are able to scramble “codes” so that they can’t be read by anyone. The code is used on an SSL (Secure Sockets Layer) and it’s secure enough to safeguard any information from hackers. Even if someone was to gain access to data, it’s encrypted, and they wouldn’t be able to understand it.
- They can verify you as a business. Visitors will feel more confident that you’re a trusted, registered business and that the domain is yours. A survey by GlobalSign found that 28.9% of users look for the green address bar, and 77% are concerned about their online data.
- The site they’re on will perform better. Websites that are optimised for HTTPS can expect to see an improvement of 50-70% in performance. This means faster load times and more powerful features, thanks to a browser that is strong enough to support them.
Out of the top 100 sites on the web, 81 use HTTPS by default. Following suit will benefit your SEO and overall company reputation.
Not only that, but the HTTPS tag unlocks features that are too powerful for HTTP to manage. So, now you can improve the performance and security of your site faster, easier and cheaper than you ever could before.
Don’t miss the opportunity.
Guide to Upgrading to HTTPS, FAST
Most website owners have already begun, or completed, the process of upgrading to HTTPS. It’s not like we haven’t been warned before.
Google told us there would be a HTTPS deadline in October 2017, where they would begin the process of flagging HTTP sites as “not secure”. Well, true to their word, they began trawling through the some 1.5 billion websites on the WWW and their mission is coming to a close.
Google also announced that Chrome would present the warning in an additional two common scenarios:
- When user data is entered on an HTTP webpage
- On any HTTPS pages that users visit when in Incognito mode
Time’s up. Almost.
Beat the HTTPS deadline before it’s too late.
Let’s Encrypt is a free option for people who run their own servers. While the majority of web hosting providers offer free HTTPS certificates to their users, those sites that are independent of hosting providers will need to arrange their own certificate.
Let’s Encrypt removes the worry about cost, so nothing should keep you from delaying the HTTPS upgrade. They aim to make it easy to obtain a trusted certificate for anyone that owns a domain name.
Google wants to make it easier for developers to move to HTTPS. The latest version of Lighthouse (an automated tool to improve web pages) has simplified the HTTPS setup.
Developers can take advantage of the mixed content audit. The tool automatically locates the resources used by a site that loads using HTTP and compares them to the resources that can be upgraded to HTTPS. It then changes the sub-resource reference to the HTTPS version.
GoGetSSL / SSLs.com
You can buy an SSL certificate that binds a key to your company’s details, through sites like GoGetSSL or SSLs. The installed certificate activates the HTTPS protocol to facilitate secure connections between your web browser and server.
What About Mixed Content Pages?
Google is always making changes and it’s important for marketers to be responsive. The company hasn’t yet explicitly spoken about webpages that are a mix of secure and insecure content. It’s something we need to keep a close eye on.
For now, we recommend playing it safe and assuming that mixed content pages will trigger a warning.
Website owners can make us of Chrome’s Lighthouse auditing tool. The tool identifies the web pages that trigger a mixed content warning. This can help developers to migrate their site to HTTPS.
Safeguard your Website. Safeguard your SEO.
Although Australia has the lowest use of Chrome worldwide (39.2% of browsers, compared to South America where 74.04% of browsers use Chrome), businesses will still benefit in upgrading to HTTPS. 39.2% is still a pretty impressive portion of the web for a browser to hold.
HTTPS has acted as a lightweight SEO ranking signal since 2014, so you could help to improve your site’s rankings with an upgrade.
You’ll also enjoy better referral data. If you were to receive a link on a high-ranking HTTPS website, but you’re still running on HTTP, the referral data gets lost. The traffic from that popular linking site is likely to end up under direct traffic and you forfeit the referral.
Before the deadline announcement, we would have urged eCommerce store owners to follow this guide to SEO and quickly react to the need to obtain a HTTPS certificate. Now, that need is no longer confined to eCommerce or banking.
It’s something that all web publishers should be doing.
Maintain the integrity of your site whilst looking after advertising impressions, lead generations, CTR and even sales and revenue.
July 2018: Save the date.