Does your website show the dreaded “your connection to this site is not secure”? More internet browsers are showing this message on sites that don’t have an SSL certificate installed on them (ie: aren’t HTTPS). In some cases, a website has an SSL certificate installed but the site is still not secure and the message still displays. Why? And how do you secure a website?
What Does Secure Site Mean?
The “http” before a website address stands for “hypertext transfer protocol”. It’s the basic method of communication of the internet.1 Some websites start, instead, with “https”. Https indicates that the site is communicating via http over a secure connection. These sites are said to have a secure connection because the data that is communicated to their server and back to the user is encrypted by Transport Layer Security (TLS) or Secure Sockets Layer (SSL).
Without getting too technical this just means that no third party can intercept the data that’s going back and forth between the website and the person visiting the website. So, when a website user enters a credit card number or personal information into the website the data can’t be stolen by a third party.
Do I Need an SSL Certificate for My Website?
Any site that passes user information across it should have an SSL certificate. That means if your customers can shop on your site and use a credit card, you need an SSL cert. Even if you’re asking visitors to enter their name or email address, it’s recommended you do this over a secure connection.
In addition to protecting your site’s visitors, having an SSL cert may help boost you with SEO (search engine optimization). In August 2014 Google announced that they were “starting to use HTTPS as a ranking signal”. What does that mean?
Google uses a complicated “algorithm” to determine which sites to display in their search engine results and in what order they’ll display them. The higher you appear in Google’s results the more likely you are to get traffic to your site. For most businesses, more traffic correlates to more potential customers, which translates into more potential revenue. A good thing. 🙂
So, the better your site looks to Google, the more likely they are to show it to users and the more likely you are to get visitors to your site.
In addition, which do you think your customers would prefer, a big red padlock and “your connection to this site is not secure” warning or a nice green padlock showing next to your website address?
How to Secure a Website
Now that we understand what a secure website is and why it’s important. Let’s talk about how to secure a website.
In order to make a website secure your site must have an SSL certificate from a recognized certificate authority (CA).
Without getting too deep into the technical stuff, here’s what you need to do to secure your website:
- Get an SSL certificate
- Install it on your website
- Redirect your http pages to https
- Check for insecure components
Those are the basic 4 steps to making your site secure. However, this is the bare minimum. There are several other things you should be doing and checking when you make the change.
In addition, I’ve seen many people forget step #4 which can lead to https without a secure connection. In other words, if you don’t follow up with thorough checks you could have an SSL and your customers could still get a “your connection to this site is not secure” warning.
Will My Site Experience a Traffic Drop After HTTPS Migration?
So you’ve decided to switch from http to https, great! Will your google search rankings drop or traffic drop after the https migration? They shouldn’t. However, the 4 steps listed above to make your site secure are the bare minimum required to get the green padlock on an internet browser. They don’t ensure that you won’t lose traffic or rankings.
Some other steps that are required to ensure your website doesn’t take a traffic hit when you switch to https are:
- make sure your sitemap is updated
- update your robots.txt file to reference your new sitemap
- let Google (and other search engines) know that your site is now on https so they can index the new site
- change up your Google Analytics so you’re evaluating the traffic to your new site (moving from http to https is essentially like moving to a new site address)
- update internal links on your site as necessary
- update external links to your site that are within your control (ie: on facebook or social media sites)
- check your plugins for insecure content (ie: over http connection)
The items are all good SEO practices when making a conversion.
No More “Your Connection to This Site is Not Secure” Warning!
That’s it! If you’ve gone through the steps above you should have removed the red lock in the internet browser and shouldn’t have the “your connection to this site is not secure” message any more.
Want Help Making Your Site Secure?
Are you having difficulty getting rid of that nasty insecure message? Or do you need to make your site secure and just don’t want to deal with it? We can help. German Pearls offers http to https migration assistance at reasonable rates. Fill out the form below and we’ll be in touch quickly to provide you a quote: