The first question that always comes to mind is, do I really need HTTPS? An SSL certificate is something you’ll need to purchase to create this secure connection. Not too long ago, this was only necessary if you were operating a shopping cart on your website, as this certificate secured your site for credit card use. But what if you only have a contact form, do you still need https? Let me explain 3 reasons why you need that “S” in your website URL.
What Is a security certificate?
This certificate connects your site, and your client’s browsers, providing encryption of the information traveling between the browser and your website. Now if you’re not selling anything and you don’t need any credit card information, you might say what am I protecting? But today’s privacy laws mandate that you protect the information or leads that are collected from your website. So to protect your site’s content, an SSL certificate will help but not completely protect your content.
To learn more about site protection check out Wordfence.
Why Is So important?
1. Provide Trust. If you’re trying to maintain a lead generation website, which means you have people come to your site to fill out a form or browse your site, they’re going to see the little padlock up in the top URL location; this is important as many sites will say “not secure”. In addition, both Firefox and Chrome and most modern browsers will show if the site is not secure, which might make your clients a little nervous about entering their information and giving you that email address that you need. The bottom line, your site needs to use the HTTPS protocol, so users will not panic and abandon your site due to “non-secure” warnings.
2. Improve your search engine rankings. Now that HTTPS is part of the search algorithm, it’s really important that you use it. How much of a difference it makes is not documented but with so many sites having the SSL. Google has also indicated that an HTTPS site can serve as a tie-breaker between two sites offering similar information. So now, clients might just go to another site that offers HTTPS for the security factor.
3. Everybody’s doing it. It gives your business credibility. If people are coming to a site that says “not secure”, they don’t feel like maybe there’s been the money spent to protect against breaches and hacks. They just may not want to do business with you. The HTTPS just reaffirms that you’re doing everything in your capabilities to make your site work as secure and as best as possible while providing ease of use and while providing the best possible products.
How To Install HTTPS On Your Site
The good news is that it’s not terribly expensive or difficult to convert your site to HTTPS. The bad news is there’s more to it than just switching your backend settings in WordPress.
- First, you will need to purchase an SSL (Secure Socket Layer) certificate. Not all certificates are the same, but for a basic site that operates under one domain name you can purchase a “Positive SSL” certificate (aka Domain Validation SSL) for as little as $10/year from NameCheap or SSLs.com. NOTE: Check if you host provider offers a free SSL certificate as an incentive to host your site with them.
- I do this for a living and there are many parts to make sure you SSL is working properly. Depending on your hosting and the platform your website is operationing on it can be very quick or a bit of a challenge. If you using WordPress make sure that you have changed the settings to add the “S” in your URL. You will also want to use a plugin to enforce HTTPS to secure your images and make sure your site does not through up any misleading information that your site is in fact secure.
- After your SSL certificate is installed, you’ll need to check every page of your site for “mixed content” errors. A mixed content error occurs when a web page references non-HTTPS elements. Sometimes they’re super easy to fix, other times they’re a little tricky. You can hire a professional to find this code and correct it or use a plugin in WordPress that will enforce encrytion over your entire site.
- Finally you will need to tell Google that you’ve converted your site to HTTPS. This will re-index your site in their search database. You can push this notification through Google Search Console. Or use your Google Analytics account to make sure your pages are secure and that your site is properly indexed with the new HTTPS. You can do this also with Bing Webmaster tools.
Wow, you’re done. Your site should now show a small lock next to your URL. While it may take time for Google to re-index everything your site will be running smoother than ever. Now when a prospective client finds you in Google or Bing search and clicks on your link they will be assured a positive interaction with your company.
