The “www.” of most web addresses is usually preceded by either http or https. HTTP stands for Hypertext Transfer Protocol, and is the foundation for communicating data over the internet. The ‘S’ in HTTPS stands for ‘secure’, and the purpose of this simple article is to explain why you need HTTPS certification for your website, even if your website doesn’t take payments.
In January 2017, Google Chrome was updated to version 56, with an increased emphasis on the importance of an HTTPS certificate for websites. Similar updates have also been introduced to Safari and Firefox with others expected to follow suit.
When you visit a website that has a secure certificate you’ll see a little padlock, sometimes green, usually followed by the word ‘Secure’ with ‘https’ in green too.
This has been the norm for some time but it’s now just as easy to tell if a website doesn’t have a secure certificate. Since January this year, Chrome and other browsers display an info ‘i’ or an exclamation mark in a warning triangle next to the web address which, when clicked, will present you with a message advising that your connection to the website you’re visiting isn’t secure:
E-commerce sites are hit the hardest
If your website is e-commerce (one that takes payments), it’s highly likely the above will be affecting your sales already, even if the website uses a secure payment gateway from the likes of WorldPay, Sage or Stripe; the absence of a secure certificate will be enough to deter the consumer before they get as far as the checkout.
But trust extends beyond e-commerce
If your website doesn’t take payments that’s not an excuse to ignore the issue… It’s easy to lose people’s trust on the internet, with cyber crime and hacking so frequently in the news, security of personal details is on everyone’s radar. A website that has a contact form but no HTTPS certificate cannot ensure the safe transfer of the data entered into the form from the visitor to the website administration; this data can get intercepted in the absence of an HTTPS certificate, known as a man-in the-middle attack.
The notion of authenticity and professionalism online is more pertinent than ever before.
An SEO tick
The presence of an HTTPS certificate is also now a proven contributor towards positive search engine optimisation, helping your website achieve a better search engine ranking.
How to get an HTTPS certificate
Most web hosting providers will offer an HTTPS certificate for a small fee, however we recommend testing by a hosting manager to ensure a smooth transition to HTTPS, and if you use Google’s Search Console, Analytics or other website monitoring tools it may be necessary to add the updated web address to these properties to keep them running after switching.
If you’re struggling to obtain a secure certificate or have any questions about them, feel free to get in contact with us. Our managed web hosting service, Winterhost, includes HTTPS certification as standard and we’re usually able to take over the management of existing websites too.Back to blog