This happy stylish cybernetic baboon is writing a blog post and exudes a hipster vibe.

2020 is the year to upgrade to HTTPS

Posted on May 27, 2020 by Archie Kennedy

Padlocks on a fence in front of a red wall

Image: Jon Moore

The S in HTTPS

HTTPS is the secure version of HTTP, the protocol used to send data between browsers and websites.

Enabling HTTPS on your website keeps the data entered by your users safe from prying eyes. Providing the security they've come to expect.

Browser and web server communicating using HTTP (readable) and HTTPS (encrypted)

HTTPS encrypts the traffic sent to and from your website, making information unreadable to anyone that intercepts it.

When using HTTP alone, there is no encryption, making it possible for miscreants to eavesdrop on traffic and steal data.

The padlock in the room

Google's tightening of security in their browser is, to some, the most compelling reason to upgrade.

Browser visiting an HTTP website with a red warning in the address bar that reads 'Not secure'

You may have noticed that whilst using Google Chrome some websites state that they are not secure along with a red warning, this is deliberately off-putting to users.

Serving your content over HTTPS will replace the warning with a much less worrying padlock.

HTTPS-enabled website with a padlock in the address bar and a message that reads 'Connection is secure'

How does that translate to the real world?

84% of users would abandon a purchase if data was sent over an insecure connection.

Source: study by GlobalSign

Effect on search ranking

Does having a secure website boost your SEO (search engine optimisation)? Yes.

Google made changes back in 2014 to give websites using HTTPS a small improvement in search engine ranking. If your website and your competitor's site would be neck and neck in the Google results page, the site using HTTPS will be placed higher.

Source: HTTPS as a ranking signal

Enabling HTTPS on your website

Depending on your website and content this can be an involved process. If you would like help migrating and securing your website, get in touch!

We've laid out the general steps below.

Obtain an SSL certificate

You (or your site administrator) need to get hold of an SSL certificate. This is a small file that makes encryption possible and proves the identity of your website.

These are issued by a Certificate Authority, such as https://letsencrypt.org/.

Configure your server

Your web server needs to be configured to serve pages over HTTPS.

Your server should also be set up to automatically renew your SSL certificate, as these typically expire after 90 days. If you forget to renew your certificate, your users will be presented with a pretty scary looking screen:

Google Chrome visiting a website with an expired SSL certificate and showing a red warning

Update your links and content

You'll need to run a code audit on your website's content, ensuring that all resources are served over HTTPS.

Set up a permanent redirect

Once you've got your certificate working correctly, add a permanent redirect to your website. When users and search engines visit http://yourwebsite.com they'll be redirected to https://yourwebsite.com.

Update webmaster tools

Finally, you'll want to update links in any analytics or webmaster tools you use. For example, don't forget to update URLs in Search Console.

In conclusion

Switching to HTTPS protects your users' data, inspires confidence and can boost your search ranking. It's something every website owner should take the time to do.

If you'd like help upgrading your website to HTTPS, get in touch!

Get in touch

Call us on +44 (0)117 325 1055