Concerned about Website Security? Migrate to HTTPS

If your website includes a contact form and does not begin with HTTPS, then you are putting your visitors’ data at risk. Even simple forms can ask for private information like a name, email, address and phone number. If you don’t have a secure website, this information is readily available to anyone with the know-how to take it.

To encourage websites to become more secure, Google Chrome and Firefox now mark HTTP sites as “not secure” in the web address bar – instead of the green “Secure” and lock icon that appears on HTTPS sites. According to GlobalSign, 28.9% of web users look for the green address bar when they visit a website.

In June 2017, Google Chrome was the #1 internet browser used worldwide – at 76.3% – while Firefox ranks #2 and is used by 13.3%.  Therefore, as both browsers mark HTTP websites as “not secure” it is bound to motivate more of us to transition our sites to HTTPS.

What’s the difference between HTTP and HTTPS?

HTTP stands for HyperText Protocol and is a set of rules for transferring files from the Internet to your computer screen. The added “S” in HTTPS makes all the difference, and stands for – you guessed it – Secure.  With HTTP, anyone can eavesdrop on conversations happening between your computer and a website. Use HTTPS and the conversation is encrypted.

Safety is not the only benefit

While security is by far the biggest reason to make the switch, HTTPS sites load much faster than HTTP (see for yourself). Google also gives preference to HTTPS sites in its search engine ranking results. Finally, HTTPS to HTTP web referral data is blocked in Google Analytics, skewing your web traffic metrics.

Ready to go migrate?

To switch from a HTTP to a HTTPS site, you first need to get a SSL (Secure Sockets Layer) Certificate “stamp of approval” for your website.

There are three types of SSL Certificates:

  1. Domain Validation: Less expensive (sometimes free); verification occurs quickly via email
  2. Business/Organization Validation: More expensive; verification takes 1-3 days; business/organization’s name is displayed in the URL bar
  3. Extended Validation: Most expensive; verification takes 2-7 days but provides a higher level of security; business/organization’s name is displayed in the URL bar

If you are conducting any type of financial transactions on your website, you should be using type 2 or 3 certificates. Type 1 is fine if you are just collecting form information. Your website host should be able to help you get started with your SSL certificate.

Not sure if you are using an SSL certificate? You can check at www.ssllabs.com/ssltest.

Trackback from your site.

Heidi Stanclift

At Paragon, Heidi blends her skills in website development and project management to bring Paragon’s web projects from vision to reality. She has produced hundreds of sites for clients from around from the world — who depend on the WordPress, Drupal and Joomla platforms to manage their online business needs.

Leave a comment