To be , or not to be HTTPS, that is the question
A few years ago, Google confirmed it in a very roundabout way. Websites using HTTPS over HTTP will receive a very marginal ranking boost. The only problem? This ranking boost really is marginal. Tiny in fact.
However, a subsequent poll conducted by the search engine optimisation people at Moz found that 24% of webmasters were thinking about making the switch to HTTPS anyway. The reason? It’s simple.
While Google might be content with just nudging websites toward using HTTPS at the moment, it’s widely accepted that in the future Google will probably start to penalise websites which don’t make the change.
In July 2018, Search Engine Land reported the change made by Google, marking HTTP sites as “not secure.”
However, to understand why Google wants websites to start using HTTPS, it’s important to understand the differences between the two protocols. At its most basic, the difference lies with SSL encryption. HTTP is simply a protocol, (a hypertext transfer protocol to be more specific) which while making sure that information gets from A to B on the Internet, doesn’t actually care how information makes that journey.
HTTP is insecure. This is why e-commerce websites should already be using HTTPS as standard anyway.
SSL encryption and signed certificates mean that when data arrives in your web browser, the origin of that data can be immediately verified (or not) as coming from where it says it has.
So Why Isn’t HTTPS The Standard Already?
The above being the case, most people would naturally assume that the Internet should have switched to HTTPS as standard a long time ago. However, migrating bigger websites to HTTPS can be a headache for webmasters, particularly when it comes to setting up 2048-bit key certificates and certificate signing requests on servers.
All this being the case, many websites simply haven’t bothered to make the change from HTTP.
Should You Switch To HTTPS?
The only problem? Google isn’t trying to nudge webmasters into using HTTPS, just because doing so is more secure. HTTPS makes it easier to track and analyse traffic between websites. In short, Google wants more websites to use HTTPS as standard so that it can provide people with more accurate search data.
When it comes then, to whether or not your website should make the move to this Hypertext transfer protocol secure, the answer is yes. Just don’t worry about having to do so overnight.
What you are probably going to worry about, though, is the cost and work involved. SSL certificates themselves can cost between £0 – £400, depending on whether you want to use standard, or extended security validation. Added to this, you are going to have to check that any CND service which you are using actually supports HTTPS.
Then there is the physical labour involved. Every link in your website will have to be changed to this secure way to send data between a web server and a web browser; including links to images, javascript, CSS, you name it.
However, when it comes to the crunch, HTTPS is likely going to the standard one day. In this case, migrating from HTTP now should perhaps be considered as something which is going to save you a lot of time, stress and perhaps even financial hassle in the future.