Skip to main content Scroll Top
Uncategorized
February 13, 2017

Why Google Is Pushing HTTPS

By New Plains Media Team

Love Starts With Trust

Note: This Valentine’s Day, we’d encourage you to turn off all devices and spend quality time with the ones you love. But we know you might glance at a screen and we’re going to take this installment of the Real Deal to explain a major change for every website, and loosely use the term love while we’re at it.

We love the internet. We spend more time online than we do just about anything else, connecting with the things we’re interested in and care about. But if that love is to be protected, much less grow, it needs to be trusted.

We recently started notifying our clients of the need to switch their websites to a secure protocol, what is commonly known as HTTPS.

By default, all websites operate on the HTTP protocol and only pages asking for sensitive information – passwords, bank or medical information – were required to be secure on HTTPS. Yes, that “S” at the end stands for Secure!

If HTTP is the protocol by which your browser communicates with websites, HTTPS ensures that communication is encrypted, so only your browser and the website you’re communicating with can see what is going back and forth.

HTTPS can only be implemented with a Secure Socket Layer (SSL) certificate.

You can always easily identify if your using HTTPS by looking at the URL bar of your browser. If HTTPS is being implemented, you will see a “padlock” graphic and oftentimes the word “Secure.” If that’s not there, it’s not secure.

That is now changing and everyone should look to have their entire website on HTTPS for two main reasons:

1) Security

It is important to prove your identity and keep your communications private when online.

With the proliferation of cookies and other technologies that track or can maliciously interfere with your online activities, a lot of information can be gathered that ultimately can threaten your web presence and the privacy of individual users.

“We’re also working to make the Internet safer more broadly…,” explained the Google Webmaster Central Blog in 2014. “A big part of that is making sure that websites people access from Google are secure. “We want to go even further. … we called for ‘HTTPS everywhere’ on the web.”

Google named three primary concerns when it announced “HTTPS Everywhere” in 2014:

Authentication

Am I talking to who they claim to be?

Data Integrity

Has anyone tampered with the data?

Encryption

Can anyone see my online activities and interactions?

2) Search Engine Rankings

When Google announced its HTTPS Everywhere initiative, only 1% of global searches saw an impact in rankings from converting to HTTPS. Testing overall seemed fairly inconclusive on its importance and it was far down on the list for most SEO teams.

Plus, SSL certificates cost money and maintenance. That changed last year when the Internet Security Research Group, a collaborative project of the Linux Foundation, released Let’s Encrypt SSL for free. That made it easy for every website to add an SSL certificate. If you don’t currently have an SSL certificate for you site, just about every hosting company is now installing the Let’s Encrypt SSL certificate for free.

Well, Google just gave the transition to HTTPS a big shove with the new update for its Chrome browser – the number one leading internet browser in the world, with twice the usage rate of its nearest competitor, Apple’s Safari.

“This is the first part of a staged rollout that encourages websites to get rid of plain old HTTP,” explained internet security experts Wordfence in their blog. “The final step in the staged rollout will be that Chrome will label all plain HTTP pages as ‘Not secure.’”

With that final push, HTTPS adoption is expected to become widespread quickly and websites without it will suffer. The conversion should be a one-time fix that will deliver permanent and long-term benefits.

It’s not necessarily simple, though, involving a focused effort of implementation and testing.

Very broadly, here are the steps it will take to convert to HTTPS

1) Get and install the SSL certificate

That should be easily done by your hosting provider.

2) Change every HTTP link to HTTPS

That means changing every internal link in your website, including every image.

3) Checking Code Libraries

If your website dynamically generates pages or uses Javascript or Ajax code, insure those that refer to HTTP are changed to HTTPS

4) Implement permanent redirects

Permanently point HTTP pages to HTTPS pages for external links you don’t control by editing the htaccess file (if you’re using Apache).

5) Update External Links

Since your website has now changed from HTTP to HTTPS, you will need to update any links to your website on the citations and directory sites you control, like your Google My Business page, Facebook, Yelp, etc.

6) Update 3rd Party Tools

From Content Delivery Networks to emails to Google Adwords, be sure to use the new HTTPS. Critical to do for Google Analytics and Google Search Console, which should be installed on every website.

If your website isn’t currently entirely on HTTPS, make plans now to convert.

Let’s all have an internet we can trust and love.

 

 

 

 

 

 

New Plains Media Team
New Plains Media Team

More posts by New Plains Media Team

Add Comment

You must be logged in to post a comment.

Privacy Policy - Terms and Conditions