Securing Your Site with HTTPS

HyperText Transfer Protocol (HTTP) is what the World Wide Web has been using for over 20 years to transfer the HTML (HyperText Markup Language) used to build web pages back and forth from the web browser on your computer to the server that hosts the web pages that you are viewing. More recently, in an attempt to make the Internet more secure, Google began penalizing sites that are not HTTPS and warning visitors that the site is “Not Secure”. 

HTTPS stands for HyperText Transfer Protocol Secure. HTTPS provides a layer of security on top of HTTP through a technology called SSL (Secure Sockets Layer) or TLS (Transport Layer Security). This security layer encrypts all of the data being transferred between the client’s browser and the server which safeguards it against potential threats, like hackers. If hackers can steal or copy the data being transferred, then they can gain access to a user’s personal information or financial data, potentially allowing them to steal the identity of the user.

You’ll know the website you are on is secure if you see a green lock or the word, “Secure.”

  • Facebook
  • Twitter
  • LinkedIn
  • Google+
  • Evernote

Now that we know what HTTPS security does, let’s talk about how you can use it on your website.

To make your site run with HTTPS, follow these basic steps.

  1. Buy an SSL certificate from one of many Internet vendors. Certificates can cost anywhere from $50 to $2,000 per year depending on the type of certificate you want to purchase and the length of time you want it to be valid for. However, if you are savvy enough, cPanel provides free Comodo certificates and LetsEncrypt also provides free certificates.
  2. When purchasing your certificate, you will have to answer some questions about your site and validate your domain. For example, you will have to declare if your site is a Single Domain site that only has one domain name, a Wildcard domain that could have subfolders in the same domain or a Multiple Domain site that could have more than one domain name associated with the certificate.
  3. You will also have to decide on your level of validation. An Extended Validation Certificate (EV) will require you to verify the identity of the organization that controls the domain with a valid Certificate Authority (CA) so that your users will know your organization is legitimate and can be trusted with their information.
  4. Install the SSL certificate for your site. After you answer all of the questions associated with your domain, you can download your certificate to the web server that will be hosting your site. You will need to change the names of some files and modify some configuration information for your site to let the server know that all traffic to and from your domain should be encrypted.
  5. Modify your site for https. If you have a sitemap for your website or use hard coded links for the internal navigation of your site, you will need to change their addresses to use https instead of regular http. You might also need to create 301 redirects and change any analytics code in your pages to work with https.

HTTPS Benefits

Securing Your Site with HTTPS Benefits of HTTPS Secure Neon Rain
  • Facebook
  • Twitter
  • LinkedIn
  • Google+
  • Evernote

The biggest benefit to switching to HTTPS is the added security for your data. If your website has the slightest possibility of receiving sensitive security credentials or personal data of any kind, then you need to make sure that data transmission is encrypted.

Most Internet consumers are much savvier now than they were in the past. Before they enter any credit card or personal information, they look to make sure the site address has “https://: at the beginning. This increases trust when your customers see that your site is secured with HTTPS and lets them know that their data will be protected. Studies performed by GlobalSign have shown that 80% of customers are likely to abandon a purchase if they don’t see HTTPS is in use.

Securing your site with HTTPS will also add to your Search Engine Optimization strategy. Google actually considers HTTPS in their ranking factors and gives precedence in their search results to sites that incorporate security. This will help with lead generation since your site should appear higher than other competitor’s sites in most search results.

Most likely, future rules and regulations, like Google’s inclusion of security in their ranking factors, will force you to migrate to HTTPS. This is especially a concern for businesses who store customer data. If you go ahead and make the change now, then you can guard against future stipulations. Even if your site doesn’t directly request customer information directly, you can still benefit from using HTTPS on your website. By encrypting all communications between the browser and server, you ensure that your customers don’t inadvertently include personal information in communications like service requests and inquiries.

If you also intend for your web pages to be mobile friendly, then you definitely need to consider securing your site. AMP (Accelerated Mobile Pages) was invented by Google to increase the loading speed of web pages being viewed on mobile devices. Google also puts sites that are AMP compatible at the top of their search results for mobile users.

Are There any Disadvantages of Using HTTPS?

Probably the most obvious disadvantage is that pages will be slightly slower because there is an extra step involved in the communication to the server while the initial secure connection is established and data gets encrypted. However, this is not really noticeable to the naked eye. Most sites that you currently visit already use HTTPS, and most people can’t tell the difference. You can use things like OCSP stapling to help speed up the time it takes to establish a secure connection, but these performance tweaks are most likely way beyond what you’ll need if you are just getting started with HTTPS.

It’s worth noting that some browsers might be slower than others because not all browsers employ the same algorithm to process HTTPS requests and responses. You should test all of the major browsers to make sure your site behaves the same across each of them. You may also want to go back and test older versions of browsers since some users are averse to upgrades and may still be using a browser that doesn’t handle HTTPS as well.

Earlier versions of SSL did not support virtual website hosting where multiple websites could be hosted from the same IP address. Make sure you keep your certificates up to date so that your site will work with the latest versions of all the major web browsers.

Performance

If you are worried about performance issues with using SSL, you can do a few things to mitigate that overhead.

  1. Move from HTTP to HTTP2
  2. Enable OCSP Stapling
  3. Enable AES as your preferred cipher

The speed at which the connection is negotiated and certificates validated will likely not be your issue. Most performance issues are caused by how the website was built.

So Now What?

Securing Your Site with HTTPS Advantages Neon Rain
  • Facebook
  • Twitter
  • LinkedIn
  • Google+
  • Evernote

There are advantages and disadvantages to every technology, but the advantages of using HTTPS far outweigh the disadvantages. The liability of leaking a customer’s private information to a malicious source can be dangerous. It not only opens your business up to potential lawsuits but it could result in substantial penalties especially if your industry has compliance requirements such as HIPAA.

Converting your website to HTTPS is fairly easy and inexpensive. You will just need to spend some time updating your website to work smoothly during the transition. In the long run, it is much better to be safe than sorry. A little bit of work and testing now could prevent much larger problems in the future.

If you have questions on how you can migrate your web pages to HTTPS, we are here to help. Contact us today to discover how we can guide you through the process.

Comments

  1. cubase says

    Thanks for giving your ideas. I would also like to mention that video games have been ever evolving. Today’s technology and innovative developments have made it easier to create sensible and active games. All these entertainment games were not actually sensible when the concept was first of all being tried. Just like other forms of technological innovation, video games also have had to grow by many years. This itself is testimony towards fast growth and development of video games.

  2. hill climb racing 2 says

    I have realized some important matters through your blog post post. One other point I would like to mention is that there are several games in the marketplace designed especially for preschool age children. They include things like pattern recognition, colors, family pets, and shapes. These often focus on familiarization rather than memorization. This helps to keep children and kids engaged without feeling like they are learning. Thanks

  3. roblox executor says

    I was looking at some of your articles on this site and I believe this internet site is really instructive! Keep on posting .

  4. Wanda Hughes says

    When some one searches for his vital thing, therefore he/she desires to be available that in detail, therefore that thing is maintained over here.

  5. Lillian Hart says

    Good web site! I truly love how it is simple on my eyes and the data are well written. I’m wondering how I might be notified whenever a new post has been made. I’ve subscribed to your RSS feed which must do the trick! Have a nice day!

  6. Ava Coleman says

    Wow, superb blog layout! How long have you been blogging for? you made blogging look easy. The overall look of your site is wonderful, as well as the content!

  7. Tim Thomson says

    For latest information you have to pay a visit world-wide-web and on the web I found this web site as a finest web site for newest updates.

  8. Thomas MacLeod says

    I would also love to add if you do not already have got an insurance policy otherwise you do not remain in any group insurance, you might well make use of seeking the assistance of a health agent. Self-employed or those with medical conditions generally seek the help of an health insurance specialist. Thanks for your article.

  9. Dominic Martin says

    I just couldn’t depart your website prior to suggesting that I actually enjoyed the standard information a person provide for your visitors? Is going to be back often to check up on new posts

  10. Sally Hunter says

    It is truly a nice and useful piece of info. I am happy that you just shared this helpful information with us. Please stay us informed like this. Thanks for sharing.

  11. Eric Mills says

    I was recommended this web site through my cousin. I am now not sure whether or not this submit is written by way of him as nobody else know such special about my difficulty. You’re wonderful! Thank you!

  12. Carl Ross says

    I like what you guys are up to. Such clever work and reporting! Carry on with the excellent works guys. I’ve incorporated you guys to my blogroll. I think it will improve the value of my web site. 🙂

  13. Jane White says

    I have been surfing online more than 3 hours today, yet I never found any interesting article like yours. It’s pretty worth enough for me. Personally, if all web owners and bloggers made good content as you did, the web will be much more useful than ever before.

  14. Lily James says

    Sharing some thing is superior than keeping up-to our self, thus the YouTube video that is posted at this time I am going to share through my relatives and mates.

  15. Colin Powell says

    Why YouTube movies are shared everywhere? I think one reason is that these are effortless to get embed script and paste that code everyplace you would like.

  16. Irene Avery says

    Does your blog have a contact page? I’m having problems locating it but, I’d like to send you an e-mail. I’ve got some recommendations for your blog you might be interested in hearing. Either way, great blog and I look forward to seeing it improve over time.

  17. Paul Gibson says

    I have learned some important things through your blog post. One other subject I would like to state is that there are several games in the marketplace designed in particular for preschool age children. They involve pattern acknowledgement, colors, pets, and designs. These normally focus on familiarization as an alternative to memorization. This helps to keep children and kids occupied without having the experience like they are studying. Thanks

  18. Nicholas Marshall says

    Hello I am so excited I found your web site, I really found you by mistake, while I was researching on Bing for something else, Anyhow I am here now and would just like to say thank you for a fantastic post and a all round enjoyable blog (I also love the theme/design), I don’t have time to read it all at the minute but I have book-marked it and also included your RSS feeds, so when I have time I will be back to read more, Please do keep up the superb work.

  19. Benjamin Ellison says

    Hello, can any body help me how to down load this video tutorial from this web site, I have watched and listen it at this time but would like to down load it.

  20. Caroline Ince says

    Hey! This is kind of off topic but I need some advice from an established blog. Is it tough to set up your own blog? I’m not very techincal but I can figure things out pretty quick. I’m thinking about setting up my own but I’m not sure where to begin. Do you have any tips or suggestions? Thanks

  21. componentes en madrid de jvc video says

    Nuestros técnicos solucionarán el problema de su lavavajillas en un tiempo record y al mejor precio del mercado. Servicio de reparación de todo tipo de frigoríficos:Reparación de frigoríficos combinados, americanos, de 1 puerta, etc. Nuestros técnicos solucionarán el problema de su horno en un tiempo record y al mejor precio del mercado. Ademas, para avisos urgentes enviamos un especialista en menos de 4 horas a su domicilio.

  22. Donna Wallace says

    Things i have seen in terms of computer memory is there are features such as SDRAM, DDR or anything else, that must match the specifications of the motherboard. If the pc’s motherboard is very current and there are no operating-system issues, improving the ram literally normally takes under an hour. It’s one of the easiest computer system upgrade methods one can envision. Thanks for expressing your ideas.

  23. Joan Springer says

    Thank you for another informative web site. Where else could I get that kind of information written in such an ideal way? I’ve a project that I’m just now working on, and I’ve been on the look out for such info.

  24. Grace Randall says

    Excellent goods from you, man. I’ve take into account your stuff prior to and you’re simply too magnificent. I really like what you’ve acquired right here, certainly like what you are saying and the way in which through which you say it. You are making it enjoyable and you continue to care for to keep it wise. I can not wait to learn much more from you. That is actually a wonderful web site.

  25. como soldar acero inoxidable con electrodo revestido says

    Mecanizado de piezas en aluminio de diferentes calidades como el 2011, 2030, 5083, 6082, 7075, etc. Se realiza a partir de productos semielaborados como lingotes, barras u otras piezas previamente conformadas por otros procesos como moldeo forja. En otras palabras, una máquina de control numérico utiliza un conjunto de instrucciones para controlar el proceso de fabricación mediante un programa.

  26. Justin Stewart says

    There are also so many video uploading sites, and these as well provide facility for sharing their movies, except I think YouTube is the most excellent.

  27. Claire Newman says

    constantly i used to read smaller posts which as well clear their motive, and that is also happening with this post which I am reading now.

  28. Owen Campbell says

    Inside YouTube video embed script you can also specify parameters based to your hope like width, height or even border colors.

  29. Alexandra Lawrence says

    Naturally I like your web-site, but you have to test the spelling on several of your posts. A number of them are rife with spelling issues and I find it very bothersome to inform you. Nevertheless I will certainly come back again!

  30. reparacion energetica aire acondicionado eerily says

    Las lavadoras Candy cuentan con una de las tecnologías punteras del sector de los electrodomésticos actuales. Deposite su confianza en nuestro SERVICIO TÉCNICO PROFESIONAL ESPECIALIZADO EN electrodomesticos Philips, no le defraudaremos, nos comprometemos con usted con honestidad y profesionalidad. Son muchos años los que llevamos reparando lavadoras en Ciudad Pegaso de todas las marcas, tenemos un equipo de técnicos profesionales, con más de 20 años de experiencia la reparación de electrodomésticos. Todas las reparaciones cuentan con tres meses de garantía en mano de obra y en repuestos los que da el fabricante.

  31. Alexandra Bell says

    Hello would you mind letting me know which webhost you’re working with? I’ve loaded your blog in 3 completely different web browsers and I must say this blog loads a lot quicker then most. Can you suggest a good hosting provider at a honest price? Kudos, I appreciate it!

  32. Christopher Hardacre says

    One other issue is when you are in a situation where you do not have a cosigner then you may really want to try to wear out all of your money for college options. You will discover many awards and other scholarships that will present you with money to help with education expenses. Thx for the post.

Leave a Reply

Your email address will not be published.