There is a lot of cybercrime taking place, which means online users are skeptical about any new website they visit. If your website doesn’t display that familiar lock on the left of the address bar, chances are, you’re going to be losing out on quite a bit of traffic. Converting your site to HTTPS is a small step that can make a big difference to your site’s credibility.
If you’re not entirely convinced you need to switch your site to HTTPS, here is what you need to know.
What is HTTPS Exactly?
Prior to 1999, Secure Sockets Layer (SSL) was the most widely used cryptographic protocol by website owners looking to provide a secure environment for users. In 1999, Transport Layer Security (TLS) became the new norm. However, most people still refer to this layer of online security as SSL.
So, what does SSL do?
SSL creates a secure channel, allowing two devices to operate and communicate over the internet. One of the main ways that SSL is still used to secure internet communication today is through HTTPS. The ‘S’ in HTTPS stands for secure.
Every website should be protected by some form of SSL, regardless of whether users transact on your site or not.
HTTPS stands for Hypertext Transfer Protocol and it’s designed to encrypt data in order for users to communicate securely over a server.
Why Converting Your Site to HTTPS is a Good Idea
Here are just some of the main reasons why you should consider moving away from HTTP.
By switching over to HTTPS, you protect website users from potential attacks that are launched from unsecured networks. By keeping your site as HTTP, there’s a much higher chance that your site will be hacked and user data stolen. SSL helps secure any data that is transmitted during a session on your site.
Customers want peace of mind when visiting your site. That simple lock in the address bar tells a user your site and brand can be trusted. This is particularly important when you’re running an eCommerce platform where sensitive data is used to transact.
HTTPS sites are far more likely to rank than those without a secure protocol in place. Google confirmed this back in 2015, so if your site is still HTTP, you’re missing out on SEO juice. If you had to do a general Google search right now, there is very little chance that you will find an HTTP site in the results. Google is all about providing the best user experience and providing users with a secure experience is a part of that.
Accelerated Mobile Page Traffic
There’s no way that today’s businesses can overlook mobile users. If your site isn’t mobile-friendly, you’re absolutely losing out on a large portion of traffic. Google’s Accelerated Mobile Pages (AMP) has become a prominent element in mobile SEO. AMP pages decrease page loading times on mobile devices. They also receive more prominent positions in search results. The catch is, only HTTPS sites can appear as AMP search results.
There are some clear advantages to converting your site to HTTPS. So, how do you get set up?
The Basics of Converting Your Site to HTTPS
Here are the basic steps you would follow to convert your HTTP site to HTTPS.
Purchase an SSL Certificate
There are three different SSL certificates to choose from. A domain validation certificate is the most affordable and covers basic encryption. An organisation validation certificate is slightly pricier but is a minimum requirement if you’re collecting personal information. An extended validation certificate offers maximum protection is generally the preferred choice for eCommerce sites. In terms of what Google prefers, opt for a 2048-bit encryption certificate.
You can purchase your hosting certificate from your hosting company – this is definitely recommended. Not only do you trust your hosting provider but they will most likely help you install it too. If your hosting provider doesn’t offer installation, you may want to get a WordPress support specialist to assist you.
Create a URL Map
Once your site moves over to HTTPS, any URLs that start with HTTP won’t work. Basically, you’re creating copies of every page on your site and redirecting the HTTP URLs to the HTTPS URLs. This can be a lengthy process but at least it’s simple. A URL map can be a basic spreadsheet that contains all of the URLs on your site. If you don’t currently have user-friendly URLs, now is a good time to change the structure. As a WordPress website owner, you can simply use your .htaccess file to implement the redirects. Not sure what that is? get a developer to assist you. If you will be moving your website to an entirely new domain, you may want to get some professional assistance.
Don’t Forget About Internal Links
Now that all of your URLs have been updated, you need to move onto your internal links. This is any link in the body or copy of your site that links to a page. Any internal links will still be HTTP – these too need to be changed to HTTPS. If you’re using relative URLs, which don’t specify an entire URL (<a href=“/about-us”>Link</a>), your internal links will automatically point to the HTTPS version of that page.
Move onto Your Images
Next, you want to make sure that your images are still showing up as they should. If you had to delve into the source code of your site, you would see that each image has a URL. Any file that you have on your server now needs to be linked to the HTTPS version of your site. Using protocol-relative URLs are recommended when making this switch. The URL will look like this: <script src=”//www.mywebsite.com/js/file.js” />. This will tell a browser to place HTTPS in front of the URL when it’s requested.
If you happen to be using a content delivery network, make sure that HTTPS is supported – this isn’t the case for all of them. You may need to get in touch with the network’s support team to find out how you should implement HTTPS.
Index Your HTTPS Site
If you’re not using Google Search Console, now is the time to set it up. If your site is already registered, you will need to add the HTTPS version. Google will probably pick it up organically eventually but adding your HTTPS site will help you track stats and ensure your site is indexed quicker. You should also submit your new sitemap when you add your HTTPS site. We also highly recommend that you re-submit your old sitemap with all of the redirects so that Google can connect the dots.
Before you go ahead and start promoting your HTTPS website, test it to make sure everything is working as it should. Ideally, you want your traffic to stay mostly consistent through this transition – this way you’ll know everything went smoothly. If you do see any dramatic drops in traffic, start by looking at the setup of your SSL certificate. There are a number of tools that you can use, including Qualys, DigiCert and SSL Shopper. If your SSL certificate has been set up correctly, start going through the pages on your site to test whether all URLs are working as they should.
Converting to HTTPS the Right Way
HTTPS is no longer a nice-to-have feature – it’s an important piece of the website credibility puzzle. The more users trust you, the more traffic and sales your site’s capable of generating. Converting to HTTPS doesn’t need to be a complex process. However, if you’re not familiar with hosting and the simple technicalities of a website, it can seem like a daunting move.
If you want to make the switch to HTTPS but don’t feel confident enough to do it yourself, let WP Support Specialists guide you through the process. Get in touch here.