HTTPS is No Longer Just an Option
HTTPS (Hypertext Transfer Protocol Secure) keeps data exchanged between your user’s computer and your website secure. Consumers are much more internet savvy than they were a few years ago, and now expect nothing less than a secure experience when visiting a website. The cost to switch to HTTPS is minimal and aside from the security benefits, Google has confirmed it’s a ranking signal.
Why move to HTTPS?
Google identifies several reasons to switch to HTTPS in their website migration guide:
Data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three key layers of protection:
- Encryption. Encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can “listen” to their conversations, track their activities across multiple pages or steal their information.
- Data integrity. Data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.
- Authentication. Proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.
There are other benefits, though, including the Google ranking boost previously mentioned.
Making the switch to HTTPS also helps with the loss of referral data that happens when the referral value in the header is dropped when switching from a secure website to an unsecured website. Analytics programs attribute traffic without the referral value as direct, which accounts for a large portion of what is called “dark traffic.”
The switch also prevents a lot of bad things, such as when AT&T was injecting ads into their hotspots. They would not have been able to inject these ads on a website with HTTPS.
Does HTTPS secure my website?
People hear HTTPS referred to as a secure protocol, and they think this protects their website. The fact is that your website is not protected, and you may still be vulnerable to one or more of the following:
- Downgrade attacks
- SSL/TLS vulnerabilites
- Heatbleed, Poodle, Logjam, etc.
- Hacks of a website, server or network
- Software vulnerabilities
- Brute force attacks
- DDOS attacks
You need to be using HTTPS on your website. Our Web Hosting services and Client Service Plans all come with HTTPS protection at no extra charge.