- Adding both metric & imperial scalelines to an OpenLayers map
- Populating Google Sheets using Analytics Reporting API v4
- 2020 is the year to upgrade to HTTPS
- How to stay motivated and focused whilst working from home
- Servers: Dedicated or Virtual - What are they?
- MeasureCamp Cardiff 2017 sponsorship
- Content is king, long live the king
Posted on May 27, 2020 by Archie Kennedy
Image: Jon Moore
The S in HTTPS
HTTPS is the secure version of HTTP, the protocol used to send data between browsers and websites.
Enabling HTTPS on your website keeps the data entered by your users safe from prying eyes. Providing the security they've come to expect.
HTTPS encrypts the traffic sent to and from your website, making information unreadable to anyone that intercepts it.
When using HTTP alone, there is no encryption, making it possible for miscreants to eavesdrop on traffic and steal data.
The padlock in the room
Google's tightening of security in their browser is, to some, the most compelling reason to upgrade.
You may have noticed that whilst using Google Chrome some websites state that they are not secure along with a red warning, this is deliberately off-putting to users.
Serving your content over HTTPS will replace the warning with a much less worrying padlock.
How does that translate to the real world?
84% of users would abandon a purchase if data was sent over an insecure connection.
Source: study by GlobalSign
Effect on search ranking
Does having a secure website boost your SEO (search engine optimisation)? Yes.
Google made changes back in 2014 to give websites using HTTPS a small improvement in search engine ranking. If your website and your competitor's site would be neck and neck in the Google results page, the site using HTTPS will be placed higher.
Source: HTTPS as a ranking signal
Enabling HTTPS on your website
Depending on your website and content this can be an involved process. If you would like help migrating and securing your website, get in touch!
We've laid out the general steps below.
Obtain an SSL certificate
You (or your site administrator) need to get hold of an SSL certificate. This is a small file that makes encryption possible and proves the identity of your website.
These are issued by a Certificate Authority, such as https://letsencrypt.org/.
Configure your server
Your web server needs to be configured to serve pages over HTTPS.
Your server should also be set up to automatically renew your SSL certificate, as these typically expire after 90 days. If you forget to renew your certificate, your users will be presented with a pretty scary looking screen:
Update your links and content
You'll need to run a code audit on your website's content, ensuring that all resources are served over HTTPS.
Set up a permanent redirect
Once you've got your certificate working correctly, add a permanent redirect to your website. When users and search engines visit
http://yourwebsite.com they'll be redirected to
Update webmaster tools
Finally, you'll want to update links in any analytics or webmaster tools you use. For example, don't forget to update URLs in Search Console.
Switching to HTTPS protects your users' data, inspires confidence and can boost your search ranking. It's something every website owner should take the time to do.
If you'd like help upgrading your website to HTTPS, get in touch!