Over the years, we’ve all learned to watch for the HTTP in a website’s address to change to HTTPS if we’re sharing sensitive information like our credit card number. It’s reassuring to see the tiny padlock appear in our address bar. But the reasons to have an HTTPS site extend well beyond e-commerce and personal privacy protection, and some of them might surprise you.
First, let’s clarify what HTTPS is and what it does.
What is HTTPS?
When you type in a web address and hit enter, HTTP is the command that tells your server to load that specific page. HTTPS is basically the same thing as HTTP, but it has an additional security overlay called Secure Sockets Layer, or SSL. SSL is useful for three reasons. For starters, it ensures that the data is encrypted. It also protects data while it’s being transmitted– no one can tamper with it without being detected. To add a third layer of protection, HTTPS sites provide authentication, confirming that users are sending their data to the site they intend to send it to, and nowhere else.
HTTPS Sites Rank Higher
But, as we’ve mentioned, having an HTTPS site offers benefits besides increased security. For one thing, it gives your search rankings a boost. Over time, search algorithms have become more user-based. They measure how users engage with your site. One thing has become clear: as the boundaries between surfing and shopping dissolve, users are demonstrating a preference for secure sites. Google has understandably taken note of this, so you now get a bump in the rankings for being HTTPS instead of HTTP. And that preferential treatment is likely to increase in the future.
Stop Losing Referral Data
Here’s a problem that’s easy to overlook: if you’re not using an HTTPS site, you’re probably not getting all your referral data. When inbound traffic comes from an HTTPS site to an HTTP site, the security protocols in place will cause it to show up as direct traffic. It’s meant as a protection for the inbound user, but it definitely tampers with your metrics. Switching over to HTTPS prevents this, as traffic from one secure site to another will show up without a problem.
How To Switch To HTTPS
In order to add SSL and make your HTTP site HTTPS, you’ll need to purchase an SSL certificate. Sometimes this can be done through your site host. If you’re purchasing it from a third party, you’ll need to find out how to generate what’s called a CSR, or Certificate Signing Request, and a private key for your use only. Most servers include instructions on how to do this in their documentation. SSL certificates differ in cost, depending on whether they cover one domain, or more than one. There are also varying validation levels, but these are less about your actual data security, and more about a potential bump in customer confidence.
With a little luck, your hosting company will manage the switchover. All you’ll have to do is change your page addresses from HTTP to HTTPS. But there are some settings you’ll want to ask about or keep an eye on during this process. For example, because search engines have been crawling your old pages and using them to rank you (and because customers may have bookmarked your site) you’ll want to be sure there are 301 redirects to the new, HTTPS addresses.
Side Note: We host all of our WordPress clients using WP Engine, which allows each installation to have one SSL for free using Let’s Encrypt™ certificates. If you’re considering switching your hosting provider, we’d gladly setup HTTPS for free when you make the switch to our servers.
It’s not terribly complicated to make the switch to HTTPS, and it will keep you out in front of a trend that’s going to be increasingly important in terms of security, rankings, and trust. Why not get started today?