Every website in the world is carried across a protocol known as HTTP. Recently, though, we’ve seen more and more websites switching over to HTTPS, which is the secure version of that same protocol.
A site that is carried on HTTPS is encrypted, meaning that all of the data and information on the site itself is protected from hackers. Not only that but the sensitive information that you gather from prospects and customers—whether that’s their email or credit card information—is encrypted, too.
Why Should I Switch?
Every website owner should be migrating their site to HTTPS. Google has put incredible emphasis on ensuring that sites are secure. They recently made updates to their Chrome browser so that HTTPS sites appear with a lock symbol in the browser bar. Those that are just HTTP display the words “Not secure” in red next to the site’s URL. Having warning text associated with your website does not make a great first impression on visitors.
Not only that, Google is making HTTPS a ranking factor, so if you want to ensure that your site is well positioned in Google results (and you do), then you need to be thinking about securing an HTTPS certificate.
Even if you don’t collect any customer data through forms, your site is still vulnerable. Every time someone visits your website, there is a transfer of information between their computer and your site. If your information is not encrypted, it’s there for hackers to see an attack on the backend.
How Do I Switch?
Fortunately, it’s really easy to make the switch to an HTTPS site. WordPress offers a number of plugins to make the change, and most web hosts offer HTTPS certificates to their clients (either for a fee or, more often than not, for free as part of their service).
If you have a particularly old site that’s built-in HTML it might be a bit more work to migrate, but there are plenty of consultants who can guide you through the process.
What Happens After I’ve Switched?
Once you’ve made the switch, you’ve essentially created two versions of your site: one that is HTTP and the other that is HTTPS.
Most hosts will automatically eliminate the HTTP version so that even if someone types your site’s URL into their browser with “http://” as the start of the address, it will convert to the HTTPS version. However, if both the HTTP and HTTPS sites remain active out there, then you’re still leaving some content vulnerable, and you’re also confusing Google, leading them to believe you have two identical sites.
After you’ve gotten your HTTPS certificate, go to your Google Search Console and update your sitemap in order to instruct Google to look only at your HTTPS site moving forward. Within a week of the switch, Google will have moved away from your HTTP site and will only show the HTTPS version in results.
While this is a technical topic, it, fortunately, doesn’t take a lot of technical expertise to do the right thing and acquire an HTTPS certificate. A quick call to your web host and an update to your Google Search Console is all that’s needed to get your site compliant and ensure that the valuable information you hold about your business and your customers is all secure.