Time to Convert Your Site to HTTPS
If you’ve been aware of the news cycle at all in recent months, you have heard a lot about internet security and the myriad ways it might fail us. Google Chrome has taken one step toward greater security that we would all do well to heed. In July 2018, if you visit any website that does not use HTTPS encryption using Chrome, a “NOT SECURE” warning will be displayed. It is a good time for all of us to update our technology to get in step with this new development.
What is HTTP and HTTPS?
If you look at any web address in your browser, you’ll see that most display beginning with either http:// or https:// such as:
HTTP (Hypertext Transfer Protocol) describes the way information exchanged between a user and a website will travel. In the case of HTTP, the information is sent in plain text. If someone were to intercept the data – be it anything from a simple “Hello!” to credit card numbers – it could be read easily. The information that is even simply being viewed by the user is also subject to interception. HTTPS, on the other hand, stands for Hypertext Transfer Protocol Secure. This protocol facilitates a secure pathway through which information can travel, with encryption that makes the exchange difficult to discover and decipher.
In the past, security on this level was not considered important except in the case of monetary exchange or other specifically private matters. HTTPS is soon to be the standard across the board. It is best to begin making the change now to ensure your site will remain trusted by search engines and visitors alike.
What Do I Do Now?
In order to give your site the new standard of security, you’ll have to acquire an SSL/TLS certificate. SSL (Secure Sockets Layer) and TLS (Transport Layer Security) work together to both authenticate the identity of the person holding the certificate and to allow for the transmission of encrypted information. You can get your certificate from a number of places. A good place to start is with your web host or domain registrar.
There are currently three main types of security certificates to choose from: A Single Domain certificate will secure only one domain or subdomain. A Wildcard certificate will secure a single domain along with all of its subdomains. A Multi-Domain certificate will secure more than one domain. Take the time to consider the setup of your current website as well as future goals before choosing which type of SSL/TLS certificate to obtain.
After you’ve followed the directions specifically for the activation of your security certificate, there are follow up efforts that need to be made to make sure everything is in working order. So that the tasks don’t seem overwhelming, break it down into steps. Here are some of the things you’ll need to do:
- If you are using Google Analytics, update it for the HTTPS version of your site.
- Reestablish your link between Google Analytics and Google Search Console using the updated web address.
- Add the HTTPS versions of your web address to Google Search Console. That is, if you’ve already verified http://website.com and http://www.website.com, add https://website.com and https://www.website.com.
- Submit your sitemap for the secure, resolving version of the web address.
- Use 301 Redirects to point the HTTP versions of each page to the new analogous HTTPS versions in order to eliminate broken links due to the update.
- Update your robots.txt file so that all your pages will be crawled by Google.
- Keep your security certificate up to date.
Updating to HTTPS will not only keep your information safer. It should also increase load time of your pages. It will help your SEO as search engine visibility is expected to suffer if you are still operating with an outmoded setup.
The above points are the basics of what you’ll need to do to make the change from HTTP to HTTPS. The list is not exhaustive, so do keep an eye out for and take care of any other details specific to your website. If you’d like help along the way, contact Loebig Ink. We’d be happy to help you navigate this important process along the way.
- EasyNews.com, “HTTP VS. HTTPS – WHAT’S THE DIFFERENCE?”
- Chromium Blog, “Next steps toward more connection security”
- Search Engine Journal, “HTTP to HTTPS Migration: The Ultimate Stress-Free Guide”
- SSL.com, “FAQ: What is SSL?”
- TheSSLStore.com, “What is an SSL/TLS Certificate?”
- Acunetix Blog, “TLS/SSL Explained – TLS/SSL Certificates, Part 4”
- Openix Blog, “What to do After Installing SSL Certificate?”
- Google, Search Console Help, “Secure Your Site with HTTPS” https://support.google.com/webmasters/answer/6073543