It’s time to add a secure certificate to your site because most popular web browsers now display a bold “Not Secure” warning in red text beside unsecured URLs, signaling to visitors that their connection to your website can be hacked.
Secure sites get better search engine rankings, a small speed boost, and fewer browser warnings
When you visit your site, you should see a closed padlock beside the URL in your address bar. As Google explain on their page Secure your site with HTTPS: Hypertext Transfer Protocol Secure is an internet communication protocol that protects the integrity and confidentiality of data between the user’s computer and the site. Users expect a secure and private online experience when using a website.
Over 60% of all sites are already secure—if yours isn’t, it’s in the minority.
Add a secure certificate, get three layers of protection:
- Encryption: encrypting the exchanged data to keep it secure from eavesdroppers.
- Data integrity: data cannot be modified during transfer without being detected.
- Authentication: proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.
Adding a secure certificate to your site means browsers and servers can encrypt and verify the data passing between them. Chrome will display “Secure” in green text with a green padlock. Firefox will display a green padlock. HTTPS adds security and trust.
It’s easy to add a secure certificate to your site…
Switching a website from HTTP to HTTPS used to be tricky and expensive. These days, however, good hosting companies offer free basic certificates and a straightforward installation process. These certificates are not powerful enough to handle e-commerce transactions but they provide a good experience for visitors and they get Google off your site’s back.
For example, most of my clients are on hosting accounts that offer free certificates via Let’s Encrypt or similar—designicu.com uses such a certificate.
This part of the process is pretty straightforward. It may even already be running on your server.
…but it’s only the first step
Once you add a secure certificate to your site, there’s some technical grunt work that needs to be taken care of:
- Your WordPress settings need to be tweaked.
- The site should be adjusted to force https for all connections.
- 301 Redirects need to be put in place so Google can re-index your site at the new secure URL i.e. https:// rather than http://.
- Your site needs a global search/replace to update all its internal links, media links, as well as any scripts or iframes it calls; a single unsecured URL on a page will break your SSL connection.
- Any 301 redirects or URL rewrites in your .htaccess file should be updated.
- Your site should be walked-through to make sure no services have been affected: API calls, plugins, and the like.
- The process can be a little more involved if you’ve split your email and http services, but it’s all manageable stuff.
- Finally, once your secure certificate is in place and tested, your Google Analytics/Webmaster settings will need to be updated.
This is where I can help. After I add a secure certificate to your website, I work through the technical stuff. I make sure your site is secured but also stays Google-friendly.
One last benefit when you add a secure certificate
Switching to HTTPS lays the groundwork for switching to HTTP/2, a newer protocol that gives websites a major speed boost.
There’s never been a better time to switch your site to HTTPS.