Is your business ready for the new secure site era?

On 24th July, Google’s Chrome changed the way it treats HTTP and HTTPS websites. Here’s a handy guide to what’s happened, what the changes mean for your business or blog, and what you need to do in response.

Google changes 101 – what is the HTTPS/SSL update?

Back in January 2017, little red warning signs started appearing by the side of certain website addresses in the Google Chrome address bar.

Illustrated by an exclamation mark inside a red triangle, the warnings bore the words ‘Not secure’.

The sites affected were mainly HTTP sites that collected passwords and credit card information.

This was Google’s first step towards creating a more secure internet – an internet with less fraud.

In February 2018, Google went a step further and announced that it would start marking all HTTP sites – I.e. all sites without HTTPS encryption – as insecure.

Back to basics – what is HTTP?

HTTP stands for Hyper Text Transfer Protocol. Basically, HTTP is a set of rules that determines how information is transmitted to your browser when you request to see it.

So, say you’ve googled the word ‘lunch’ and a website appears in the search results that you like the look of. You click on that website in the search list and HTTP goes into action behind the scenes to make sure that website’s content is delivered to you the way it should be – so you can get on with choosing what you want to eat.

What’s insecure about HTTP sites in the first place?

When you load a website over HTTP the content of that website isn’t private. It’s possible for hackers to both look at and modify the content before it gets to you.

So, what’s HTTPS encryption in a nutshell?

HTTPS sites are the secure version of HTTP sites.

They’re recognisable by the little padlock icon that appears next to the web address bar.

HTTP sites are made secure by adding an SSL Certificate to a website.

What is an SSL Certificate?

SSL stands for Secure Socket Layer. An SSL Certificate is essentially an encryption device. It stops hackers snooping on you when you use a website.

You can buy SSL Certificates off the peg, from your website provider. Depending on your level of technical knowledge, you can either add one to your website yourself or enlist a pro to do it for you.

How will the HTTPS changes affect your business or blog?

The customer shock factor of HTTP: Chances are, you’ve shed blood, sweat and tears to increase visitor numbers to your website. Both these hard-earned visitors and new ones are likely to feel a sense of shock when they see a red waring sign popping up next to your HTTP website address. Some will choose to ignore it and carry on exploring your site as normal, but others might be tempted to leave and try and find what they were searching for on a secure site, elsewhere.

The SEO boost of HTTPS sites: HTTPS certificates are counted as a lightweight ranking signal by Google. That means the search engine gives them a small boost in the search rankings compared to similar HTTP sites.

Faster load time with HTTPS: HTTPS allows the adoption of HTTP/2, which – jargon aside – means that HTTPS sites can often be a bit faster than HTTP ones. Google itself explains that HTTPS sites "enable both the best performance the web offers and powerful new features that are too sensitive for HTTP.”

Peace of mind: Running your own business can cause its own share of sleepless nights. Imagine how much sleep you’d loose if you found out that your website had been hacked and your visitors’ data had been stolen. A secure, safe, trust-worthy website gives you one less thing to worry over at night.

How to choose the right SSL

There’s no such thing as one size fits all when it comes to SSL Certificates.

Most SSL Certificates fall into one of three categories:

• There are simple SSL Certificates that protect log-in and admin areas so your customers’ data remains safe.

• There are standard SSL Certificates that help visitors feel safe about making payments through a website.

• Then there are extended SSL Certificates, that give website users the highest level of peace of mind.

TSOhost goes a little bit further and has crafted four different SSL packages.

These range from the Standard SSL – which is great for bloggers and small start-up businesses with simple websites – to the EV Premium – which comes with a green address bar feature to give customers complete confidence that they’re safe with you.

The ins and outs of each package are outlined clearly and simply on our SSL Certificate pages. You’ll notice that every level of SSL Certificate comes with a warranty. That means, that in the unlikely event of anything going wrong with the Certificate, you’re covered with a sort of insurance that’s worth up to $500,000.

How to set up SSL to get HTTPS

Once you’ve bought your SSL you’ll receive a Certificate Signing Request (CSR) file and the application process can go from there. If you’ve not got time or a techy side, you can get the pros at TSOhost to set it all up for you.

How do I check my SSL Certificate?

If you already have an SSL Certificate on your site, but it’s been a while since you paid any attention to it, you can check it’s up to date using an online SSL checker site.