Why Your Entire Website Should Be Served Securely Over HTTPS

…and what is HTTPS anyway?!

HTTPS is an extra level of security for the people who visit and interact with your website. It creates an encrypted connection between your website and its visitors, and prevents the data going back and forth from being intercepted or manipulated.

Google: HTTPS Everywhere

Users expect a secure and private online experience when using a website.

Example of Secure Page connection

As part of their HTTPS Everywhere initiative (announced in 2014), Google announced that they would soon start preferring, and eventually requiring, all websites to update from HTTP to HTTPS connections. Mozilla/Firefox have made a similar announcement.

Starting this past January (2017), Google has ramped up the pressure (and rewards) for websites to upgrade to HTTPS.

One reward already in place is up to a 5% SEO ranking boost for sites that are running over HTTPS.

Conversely, Google has started to display a small “not secure” alert in the Chrome browser when visiting any page that contains a password login or web form, and is not being served over HTTPS. (See example below.)

Example of “Not Secure” label

Google Chrome browser is used by almost 60% of all users these days, so it’s critical to present yourself correctly.

Secure All Pages

You may have noticed that your bank or healthcare website has been using HTTPS for many years already. This makes sense due to the financial or very personal information being transmitted.

For personal or small business websites, it’s been best practices to utilize HTTPS for e-commerce websites, or for any single webpage that might contain a credit card payment form.

But the internet today is much bigger and more advanced than ever. As such, the total number of security threats and hacks has grown exponentially.

Nowadays, it just makes good sense to use encrypted secure connections for any and all web pages — no matter the website, and no matter the content or purpose of the website.

And soon, Google will be requiring all web pages to be served over a secure connection — otherwise they’ll place a red security alert in the browser bar.

Eventually, if your website is not totally HTTPS, the Chrome browser will display a red triangle icon, and red text warning: Not Secure.

If you want your visitors to have trust in your website, you’ll need to provide your website over an HTTPS connection.

HTTPS is Everywhere Here

Upgrading to HTTPS is not hard in and of itself — we just have to install a free or low cost SSL certificate to the hosting account.

But with a WordPress website, there are few more adjustments which must be made to the website itself in order to transition to HTTPS. There may also be a few adjustments to any Google Analytics or Webmasters accounts that may be in place. All in all, not a whole lot of work, but it does take a small bit of time to make sure everything’s working smoothly after the upgrade.

All new website projects here at KPFdigital are built using HTTPS. And for any of our existing customers we offer an affordable one-time upgrade.