HTTP, or hypertext transfer protocol, is what makes the internet run. Without it, links wouldn’t link, and there’d be no web to crawl. But as the internet grew in popularity, security—at least of some pages—became increasingly important. But now Google has gone so far as to not only recommend securing your entire website with the secure version of HTTP—HTTPS—but will even favor HTTPS sites in search engine results. So what’s the difference, and how does it affect your site?
How HTTP and HTTPS Work
The hypertext transfer protocol (HTTP) is a means of sharing the plain text and hyperlinks that make up everything we see online. HTTPS stands for Hypertext Transfer Protocol Secure, and is an encrypted way of transferring information securely across the internet via TLS, or Transport Layer Security Protocol. This protocol allows for three different layers including encryption, data integrity, and authentication. TLS encrypts data before it is transferred making it harder for hackers to decipher the information. Data integrity is then sustained by assuring that data cannot be changed or corrupted during transfer without being detected. TLS also allows for authentication of communication, meaning that it verifies that you are communicating with the intended website and not a site in the middle. So while security always made sense on pages that gathered sensitive and personally identifiable information, the sheer size of the internet today (and the increased malicious attacks against websites) make it easy to understand why Google and others would recommend HTTPS.
Google’s own sites all run high level HTTPS encryption by default. At Google’s I/O developer conference in 2014 they called for HTTPS everywhere. Google then decided to test out using HTTPS as a ranking signal, meaning that a site may appear lower in search engine results if it is not HTTPS-encrypted. For now, Google says that this new ranking signal affects less than 1% of global queries, but they may decide (and probably will) to strengthen HTTPS as a ranking signal in the future.
How to transfer your site over to HTTPS
The first step in transferring your site over to HTTPS is to contact your webmaster and/or developer to help you transfer over your site to HTTPS. You will also need to work with your hosting company to install (and perhaps purchase) an SSL certificate. Your hosting plan must support private (not just shared) SSLs.
There are a lot of common pitfalls and you should be comfortable in coding and working in a server environment in order to complete this task. Always have a backup of your site before starting, as just a few miswritten lines of code could reduce website functionality or even take you offline. If you do not have a webmaster that can do this and do not want to attempt to do it yourself, there are many companies that can help you in your transition. If you want more information on HTTPS you can read Google’s article on securing your site with HTTPS or check out tutorials like these to get started converting your site to HTTPS on your own.
Have questions about your website, search engine optimization and marketing, or HTTP vs. HTTPS? Give us a call at 630-393-1419 ext. 100 or contact us.