Upgrading Our Websites to HTTPS to Create a Safer Web
January 3, 2017
January 3, 2017
Estimated Reading Time 7 Minutes
Written by Adam Gatenby, Digital Director at Better.
We’re keen to make the web a more secure place, and we’re making some changes to help with that.
You’ve most probably seen the secure padlocks, or green URLs when banking online, searching Google, or purchasing that new gadget on Amazon. Most websites which transfer sensitive data and all reputable e-commerce websites use HTTPS as standard, but are not required to.
Over the past couple of months, we’ve been working hard on upgrading our server infrastructure, as well as the servers and software which host our clients’ websites.
Part of this process was re-defining our hosting packages, and as standard, we now serve every website we host over HTTPS.
Let us help explain the reasons for this change and why HTTPS is so important, and why it should be the standard protocol used to serve all websites.
What is HTTP and HTTPS?
You’ll probably recognise or know of HTTP, which stands for Hyper-Text Transfer Protocol. It is the protocol in which the World Wide Web is requested and dictates how these requests are formatted and data is transferred. HTTPS is the secure version of the protocol, which established a secure connection with the server, encrypting all data sent and received between the client (a users computer) and the server, using various security layers.
Why HTTPS is important?
Being a user of the web yourself, I’m sure you share and receive a lot of sensitive information on a daily basis. Be it your emails, online banking, credit card information, even down to your search habits or what you share on Facebook. This is all information we’d like to keep private and secure.
HTTPS allows that, by preventing both ‘man in the middle attacks’, in which there is an attempt to ‘steal’ information as it is transferred, or manipulation of data in the transfer process.
There have been movements to make HTTPS the standard protocol. In fact, various industry leaders such as Google, Microsoft, Mozilla, Facebook and CISCO have all backed projects to make certificates easier and cheaper (free in fact) to apply for, including the Let’s Encrypt project.
What are the benefits of using HTTPS?
The biggest benefit is that you will prevent you and your users against attacks which try to manipulate or intercept data.
Providing your website over HTTPS is likely to install trust in the end user visiting your website, which in turn, should increase potential enquiries, leads or customers. Users are also becoming increasingly educated and cautious about their online privacy, and they will now often check for the padlock or a secure connection, certainly when completing certain tasks online. However, you don’t have to be selling anything on your website to consider HTTPS.
Finally, another potential benefit is in your search rankings. Back in 2014, Google made their entire search product secure using HTTPS . Since then, they have widely promoted websites to use HTTPS and earlier this year have indicated doing so could have an impact on your search engine results page rankings.
How to secure your website
There are various ways to do this, but you’ll need to provide a valid SSL Certificate to do so. There are various certificates, available from a range of certificate authorities, which provide different levels of encryption, insurance and protection. This really depends on the nature of your website and the data transferred. Once you have your certificate, the next step will usually involve your hosting provider applying the certificate to your server.
Whatever your website, we’d recommend making it secure. Get in touch with us on 01642 989 158 or email@example.com to see if we can help with your website hosting, or making your website secure!