Website URLs that start with https:// already have a security certificate installed. If your website URL starts with http:// - then now is the time to think about migrating to https://, which involves adding a security certificate to your website. If you’re building a brand new website or doing a complete redesign of your existing one, then it’s a no-brainer because it’s quite easy to do during the web development process.
If you want to change your existing site over to https – it does involve a bit of technical work to ensure everything is changed correctly, redirects are put in place for external links and assets are updated and tested. But it’s worth it.
HTTPS is not a fad website design thing. It is an important security priority that has multiple benefits.
There is no real downside (apart from the small cost and the technical know-how required to do it), which is why we recommend that you do it (or get us to do it for you).
How it works and what is means
HTTPS stands for Hypertext Transfer Protocol Secure and provides three layers of protection when transferring data through the web, according to Google’s documentation as follows:
- Encryption: Encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can “listen” to their conversations, track their activities across multiple pages, or steal their information.
- Data Integrity: Data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.
- Authentication: Proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.
In simple terms, it means that information entered into a form on your website is transmitted in a secure, encrypted way across the internet.
It’s now virtually mandatory for ecommerce sites where you enter credit card information, and since 2017 Google has been pushing hard to encourage all website owners to make the switch from http:// to https:// to protect sensitive data entered into a form. It’s their worldwide initiative to combat security breaches, reduce spam and enforce privacy.
At this stage it’s limited to ecommerce sites and anywhere that you need to enter a password. But the writing is on the wall that down the track, it will also apply to simple contact forms. For example, even if you only request an email address in a form - if it’s entered over a wireless connection, this information can be vulnerable to third party access if your site operates on http.
What happens if you don’t have a security certificate?
1 - Website security warnings
Google and Firefox now show security warnings in Chrome for users if no valid SSL certificate is found on pages where information is requested. No doubt, before long, other browsers will follow suit.
This can be quite confusing and worrying for your website visitors and will deter them from filling out your forms.
2 - SEO penalties?
Recent studies have shown that sites that have switched from http to https are starting to see a small increase in SEO results. We believe that this will continue to improve, as Google mentioned.
3 - Possible susceptibility to phishing attacks
SSL certificates authenticate and verify the owner of a website, preventing that site from any potential phishing attacks, where third-party hackers often impersonate a website in order to obtain personal information.
4 - HTTPS alerts by Google Search Console
Google has now begun sending notices to webmasters via Search Console if a login page or any page collecting a password is not secured over HTTPS.
We monitor the Google Search Console accounts for our websites and our clients' websites, because anything reported in Search Console is important and can impact search rankings. We regular check for notifications, broken links, indexing issues and google suggestions for improving searchability, and make the required changes.
Benefits of having a security certificate
1. Visitor peace of mind
When people visit your site and see that url displayed with the Green lock and “Secure” – they have peace of mind that they are at a verified site (not an illegal copy) and that any information they provide in a form will be encrypted for sending.
2. Increased conversions
Symantec reported that four of its clients saw conversions increase from between 18-87% after installing SSL on their websites.
3. Improved SEO
Some SEO experts have seen SEO rankings dip as a result of installing an SSL certificate. This is mainly due to technical errors made with the migration, and rankings quickly recovered once these mistakes were rectified.
This is what Google said in 2014:
…over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal. For now it carries less weight than other signals such as high-quality content—while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
Swiss IT company CloudTech made the switch to https in 2014 as soon as Google made this announcement. Although initially worried they would see a dive in keyword rankings as most SEO experts predicted; Cloudtec’s keywords in the top 10 (page 1 of search results) actually jumped from 65 to over 100.
And we’ve seen many other reports of slight to good improvements in SEO. Read the comments at the bottom of Neil Patel’s article Do SSL Certificates Affect Search Rankings?
Need help with installing your security certificate?
Be warned, installing a security certificate on an existing site is not quick and straightforward. You will need some technical skills, and a thorough checklist to ensure every step has been followed.
We have converted most of our own sites to SSL and many of our clients' sites. Despite following a very detailed procedure, in a couple of instances we found a couple of things which didn’t work straight away as they should have, and caused security warnings to pop up on the sites. Needless to say we’ve adjusted the process to add these little quirks into the checklist procedure, and will continue to do so as we discover more.
In a nutshell, some of the many things we check include:
- Internal site links
- Media file references
- Backlinks –301 redirect
- Forms and post submission redirection links
- Google Analytics and Google Search console updated
- Social media asset links
If you’d like help installing an SSL on your current website, follow the instructions below.
Current Commonsense Marketing Clients who host with us: We provide a low cost installation fee and an annual certificate renewal fee for our existing hosting clients. To place your order – click the button below and we’ll initiate the process for you.
For website owners who do not currently host their sites with Commonsense Marketing, simply complete the enquiry form and we’ll contact you to find out more about your website and give you a tailored quote.
If you have any questions, please don’t hesitate to book in for a free 15 minute call
Website visitor security is an important issue, and one we urge every website owner to take action on, sooner rather than later.