Why your site needs to be secure right now

Trust and security is important in all aspects of life and Google has now made it pretty crucial in terms of your website as well.

Back in January Chrome started flagging sites not running under https (or SSL) as insecure in the browser when the pages contain a password or credit card input fields. In July they expanded this to cover pages with form or other input fields.

Google has also made it clear that in the future (some time in 2018) all pages not running under https will be flagged as Not Secure in the browser.

Chrome Not Secure

What is https?

https is a secure protocol to serve website pages under. Essentially it uses a Secure Socket Layers (SSL) certificate on the server to encrypt all of the information going back and forth between you and the server preventing anyone else intercepting or reading that data.

It's not just about security

In addition to this drive by Google to secure the Internet they have also made it known that websites running under https will also be gaining a small ranking advantage in the Google search results as well.

While this may be a small advantage anything that helps you rise above your competitors has to be a good thing.

It's also important (arguably more so) to reassure your site visitors that your website is secure and any information they provide to you is safe. Having your entire site running under https will show the nice green padlock in the address bar.

How do I make my site secure?

It is really very easy to make your website secure. Most website hosts will be able to sell you an SSL certificate for a small amount of money and many now offer them for free.

The Let's Encrypt project provides a fairly easy way to generate a certificate for free if your hosts do not offer one and you do not want to pay for a commercial certificate.

For WordPress websites there are a few steps that need to be followed to make sure it run under https, you can either use a plugin or you simply need to run some scripts against the database and setup redirection within your .htaccess file. You may also find some issues with full file paths for some resources that need to be updated as well.

Want some help?

If you need some help or advice getting your WordPress website setup to run under https then please feel free to contact us.