An example of HTTP and HTTPS

SSL certificates and why you might need one

Wed 25th Jul 2018

Google announced that from Chrome version 68 (Released in early July), any website not using HTTPS will be labeled as "Not Secure". Previously, Chrome had only shown this warning for websites handling sensitive information such as card details and contact forms. Read more here: https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html

If you’re collecting sensitive customer information like passwords or credit card information, or even their contact information through an enquiry form, you should be taking steps to secure the information and reassure your website users. If you haven’t already added an SSL certificate to your website, and made the switch to HTTPS, the secure version of HTTP, it is time to take action.

Google isn't going to block HTTP websites, but you might see a negative impact on your traffic if your competitors' websites are secure. Over time, their websites might be seen as more relevant by search engines because users will spend more time or keep returning to their website instead of yours.

Google states that over 68% of Chrome traffic on both Android and Windows is now secured, rising to 78% for Chrome traffic on Chrome OS and Mac.

You will have already put time, money and effort into attracting visitors to your website, you really don't want them to be turned away at the last moment by an unsecured website warning.

What are HTTPS and SSL?

HTTPS stands for Hyper Text Transfer Protocol Secure and is a secure version of HTTP. It’s most often used for ecommerce sites to make secure transactions. If you’ve ever noticed a padlock icon in the top right corner, this means an SSL certificate is in place and the site is secure.

SSL stands for Secure Sockets Layer. It is a protocol that provides secure connections, it isn't used to encrypt files but the connection transmitting files.

So, if you have a domain like https://www.rachelwatson.co.uk with a green padlock icon you’ll know that it’s encrypted and secure since it uses HTTPS. But if your domain looks like this: http://www.example.com – it is unencrypted and non-secure as it’s HTTP.

Will HTTPS sites get an SEO boost over HTTP sites?

Some years ago, Google announced HTTPS as a lightweight ranking signal BUT they have hinted that its influence may become greater in the future. For now, preference is shown for HTTPS in search engine results. So websites using SSL certificates are considered more secure and more trusted, which means they do get a small boost in rankings.

Do I need to change my website to HTTPS?

In short, yes.

Even if you only run a small website, HTTPS can prevent intruders from passively "listening in" on any communication between your site and your users.

Particular features which definitely require SSL include:

  • A contact form
  • Online payment systems (directly or via a third-party provider)
  • Collecting any personal information via your website
  • Members only / logged in area of your site

In conclusion

An SSL certificate will provide a small boost in search rankings, increased security and credibility online, but most importantly it will give your potential customers confidence in you and your website.

Contact me to discuss securing your website with an SSL certificate.

by Rachel Watson