The internet can be a dark and unsafe place, especially when it comes to sensitive data. Cybercriminals are constantly lurking around every corner of the WWW, plotting how to steal credit card details, identities, or any information they can use for their own benefit.
Websites are their easy targets, as they store a lot of passwords and private data submitted by their visitors. No wonder Google decided to put an end to this cyber threat and introduce stricter protocols for a more secure internet. This is great news for users, but let’s discuss how all these changes will affect your blog.
What a difference a letter makes
From HTTP to HTTPS via SSL. Just one single letter S turns your blog into an internet safe haven where all passwords are protected. HTTP or hypertext transfer protocol is used for communication between different systems, and it practically allows exchanging information, including text, images, sound, and other multimedia messages, between web servers and browsers.
The vulnerability of this system of data transmission lies in the fact that the traffic can be easily intercepted by malevolent third-parties. E-commerce, investment, and banking websites were the first to introduce the HTTPS protocol which encrypts data by means of an SSL (secure socket layer) certificate. Such a connection is safe because transmitted messages are encoded and can’t be accessed by unauthorized parties.
In 2014 Google announced that HTTPS would be a ranking signal. However, according to a survey conducted by Moz that same year, 57.85% of webmasters stated that they had no plans of switching to this secure protocol.
In January 2017, the search engine giant introduced a new security measure – HTTP pages that collect passwords and credit cards would be marked as non-secure. This change prompted many website owners to start taking things seriously and consider obtaining ah SSL certificate. Check out this detailed blog post to learn more about SSL and HTTPS, as well as how to properly secure your website, and get down to the nitty-gritty of this security concept.
Migrating to HTTPS has some important benefits for your blog. It’s self-explanatory why you should ensure its security and strengthen your first line of defense against hackers. Here are some other advantages of obtaining an SSL certificate:
- First of all, visitors who come to your blog won’t be scared away by the “not secure” label and a red triangle at the left of the address bar in Chrome, or a gray padlock with the red strikethrough in Mozilla Firefox. Such a dramatic alert will deter many potential visitors from entering your blog, and you know what that means in terms of traffic, leads, conversion rates, and profits – a huge drop. So, make sure to go green if you want your blog to be perceived as trustworthy and credible.
- Secondly, an SSL certificate will help your SEO efforts, which means that the rankings of your blog will go up. This will improve your blog’s visibility and bring you even more traffic.
- Finally, Google now requires HTTPS for its AMP (accelerated mobile pages) project. In other words, if you want to get ready for the mobile-first index, you’ll need to adopt this secure protocol.
Not so good things
Migrating to HTTPS can lead to some challenges, and although they’re not insurmountable, they can affect your blog’s performance, traffic, and conversion rates.
- The very process of switching to HTTPS poses certain risks since there are so many parts to be moved. For example, if you don’t secure images, links, scripts, and other elements, you can encounter some security issues. So, practically, even if you migrated to HTTPS but forgot to secure images, your visitors would still be displayed security alerts. Don’t forget to fix all the internal links so that they point to the HTTPS version of your blog too.
- Similarly, if you aren’t careful you might end up with both HTTPS and HTTP versions of the same page indexed by Google, and that will result in the dreaded duplicate content issue. Apart from the Google penalty looming over your blog, two versions of the same page in the search results will most definitely confuse your potential visitors.
- Since HTTPS requires a more complex data exchange process for the sake of security, all these additional handshakes can slow down page load time. Experts from Google recommend that you should keep your load speed under 2 or 3 seconds, but you don’t have to worry if you stick to the best practices and adopt HTTPS friendly technologies. For example, HTTP/2, an upgraded version of HTML protocol has been engineered to optimize and speed up page load time, and it can be used only with HTTPS. Now that’s a real twofer.
- Last but not least, the cost of an SSL certificate might be a problem if your budget is limited. It can range from $100-200 on a yearly basis, all the way to over $1,000 if you want a certificate from a reliable company like Symantec.
Although all this HTTPS business might seem like a nuisance, the benefits it provides make all your efforts worthwhile.