Internet users are getting more and more savvy. Years of being targeted by scammers and viruses have meant that the average computer user is more security focused than ever before. They care about their privacy and they care about their security and this means website owners have to care as well.
HTTPS, aka "The green padlock", is an important element to both privacy and security. Both Microsoft (Internet Explorer and Edge) and Google (Chrome) have invested heavily in educating their user base about the importance of HTTPS.
What exactly is HTTPS?
Back in the dark days of the web, nearly all traffic between you and a website you visited was totally unsecured. This meant that if someone managed to intercept your traffic (it’s easier than it sounds to do this) then they could read everything that was said between your computer and the website. Emails, chat conversations and banking details were all up for grabs. This was bad news for you and bad news for website owners who were trying to convince web users that they could spend money safely on their sites. When HTTPS is setup (if you really want to know how it works, check this out) on a site it encrypts all traffic between you and the site. It does this without users needing to do anything. If you see the green padlock, you’re pretty much safe.
OK, why does my site need it though?
Simply, it shows your website visitors that you care about their security. In a 2014 survey from certificate provider Globalsign, 77% of users were concerned about their data being intercepted or misused online.
Apart from the security and privacy of your users, there is another reason to go HTTPS for your site. Google see the threat of the older unsecured HTTP as being so serious that they plan on slap a "Not secure: warning on some HTTP sites. It doesn’t stop there. Google are famously enigmatic about how their results are generated, but they are flagging HTTPS as a major thing for websites to focus on. This may well mean your website ranking in Google will be negatively affected by not having HTTPS on your site.
This all adds up to it making sense for you, as a website owner, to strongly consider ensuring your site is HTTPS enabled.
It’s worth noting that HTTPS encrypts the traffic that your website passes back and forth with users, it does not protect your website’s core files from attack.
The good news
It’s not hard or particularly expensive to get your site encrypted. When I create sites for my clients, I always ensure HTTPS is an important consideration. If your site is unsecured at the moment, by virtue of how HTTPS works, it’s pretty easy to convert to an HTTPS site. Don’t wait, if you’ve not already, get your site HTTPS enabled today.