If you’ve ever done any shopping or banking online you may have noticed that a padlock symbol appears in the address bar of your browser. Depending on the type of browser you are using and how it is configured the address bar may turn green and you might also see that the website address starts with HTTPS (the S stands for secure) instead of HTTP. Whenever you see this padlock in your browser it indicates that the website has a secure certificate and that you are accessing the site securely.
A secure certificate contains an encryption key which is used to encrypt all the data that is transferred to and from a website. If you find yourself entering sensitive information into a form on a website, for example your credit card number, you should always check to make sure that the padlock appears in the browser’s address bar. It ensures that any sensitive information transferred to the website is encrypted and is a very good indication that you are dealing with a legitimate organization.
Secure Certificate Benefits
There are many advantages to getting a secure certificate for your own website. These include:
- Your website gets a boost in Google ranking because Google would like to eventually see all websites have their own secure certificate.
- If there is a login page on your website it protects yourself and your clients by encrypting the login data.
- It protects your clients’ information if they are filling out forms on your website.
- It increases overall confidence in your website because browsers will no longer display the “not secure” message.
There used to be a concern about websites with secure certificates having longer response times but thanks to advances in technology this is no longer the case. The difference between encrypted and unencrypted data connections is now only a matter of milliseconds and would most likely not even be noticed.
The only really downside then is that it could cost you as much as $100/year for the certificate but prices vary widely and some hosting providers even provide one for free. Until recently a unique IP address was also required, which could cost up to $50/year. However, a lot of hosting companies are taking advantage of an extension to the secure protocol called “Server Name Indication,” or SNI, which enables them to install a secure certificate on your website without the need for a unique IP address.
How to Secure Your Site
The steps involved in securing your site are:
- Purchase and install a secure certificate. This is normally done through your hosting provider.
- Update all internal links on your site to point to HTTPS, the secure connection, instead of HTTP. Otherwise the “not secure” message will still appear and some resources used by the website may be blocked.
- Redirect all incoming connections over to HTTPS.
- Confirm everything is loading properly.
- Let Google know about the change over to HTTPS and update the sitemap location.
Back in 2014 Google called for “HTTPS everywhere” which is why they started using it as a ranking signal. More recently they’ve been updating their very popular Chrome browser to more clearly indicate when a website is being viewed through a non-secure connection. Since the movement to secure websites seems to be gaining momentum it should be something to consider for your own website, especially if it has a login page, or collects other sensitive information.
Please let us know if you have any questions and, if you do decide to make the switch, we can help you out with all, or any, parts of the process.