In January 2017, Google announced that the next version of its Chrome browser, Chrome 56, would mark websites without HTTPS enabled as “Not Secure.” The U.S. General Services Agency is driving all federal .GOV websites toward using HTTPS as well.
What does this mean? It means HTTPS is now a requirement for all websites. If yours doesn’t use HTTPS yet, it needs to start.
What is HTTPS?
Next time you order something online, look at the browser’s URL bar. You should see a little padlock on the left side.
That means HTTPS is enabled on the website.
HTTPS builds encryption into the connection between your computer and a website. (Hence the padlock icon.) It protects important data—your credit card numbers, bank account logins, etc. Think of HTTPS as a security blanket, shrouding your information from hackers and malware.
Does My Website Need HTTPS?
Does your site collect sensitive visitor information like passwords or credit card information? If so, you should already have HTTPS enabled.
“But my website doesn’t collect any personal information.” You’ll still need HTTPS soon. Google’s Chrome 56 update will compel all websites to adopt HTTPS—even if you’re only asking for email addresses.
If your website isn’t configured for HTTPS, your audience will soon see this every time they visit:
Google will keep adding warnings for unsecure websites going forward, as well. Before long, websites without HTTPS will lose most of their traffic to HTTPS-enabled websites. It’s no longer an option.
How do I Enable HTTPS on My Website?
To enable HTTPS, you’ll need:
- An SSL Certificate. This is a “certificate of approval” from a trusted authority, saying your site is secure. PlanetMagpie gets all of its SSL certificates from Thawte.
- Updates to your website’s link structure. You’ll need to change all your webpages from HTTP to HTTPS. This takes some behind-the-scenes work, both on the hosting servers and within your website's content management system (CMS). But once it’s done, it’s done.
Unfortunately, enabling HTTPS is more than just flipping a switch. However, it’s worthwhile to protect visitors’ data, and to keep your traffic levels healthy.
Check your website. If it’s not HTTPS-enabled yet, please contact the website’s administrator and ask them to institute HTTPS.
Got a tech question you need answered? Please email us at firstname.lastname@example.org and we may make it our next Tech Tip.