What You Need To Know On Migrating from HTTP to HTTPS

Everyone wants a safer internet, be it the user or search engines such as Google. Terms such as HTTPS, SSL certificate and hacking are terms that more businesses are getting familiar with.

HTTP (Hyper Text Transfer Protocol) is the method by which data is moved around the internet and HTTPS is the secure version.

Google has always taken security very seriously. Google announced on its Google Security Blog that effective January 2017, Chrome will mark certain webpages as non-secure. Currently, it marks HTTPS pages as secure, however has a neutral approach to HTTP pages by not marking them as unsafe.

The key elements from the announcement are:

  • Effective January 2017, all HTTP pages where a user needs to submit sensitive information or involves transactions, will be marked as non-secure. This includes passwords, important personal information, credit card details, etc.
  • It is not expected that when rolled out in January 2017, this will impact a http page that just requires an email address to allow access or to subscribe to a newsletter.
  • It is Google’s long term plan to mark all http pages as non-secure to ensure webpages are secure for all users.

Below are few basic tips from Google on migrating from HTTP to HTTPS site:

  • Select certificate type: Single, Multi-domain, or Wildcard certificate
  • Use 2048-bit key certificates
  • Use relative URLs for resources that are on the same secure domain
  • Use protocol relative URLs for other domains
  • Check out Google’s Site move article for guidelines on how to change your website’s address
  • Don’t use robot.txt to block your HTTPS site from being crawled
  • Allow search engines to index your pages where possible. Avoid the no-index robots meta-tag.

In September 2015, Google reported on Google Webmaster Central Blog a 180% increase in the number of websites getting hacked for the year. HTTPS provides multiple layers of security on the webpages and reduces the risk of hacking.

For those with an eye on SEO, Google had announced in August 2014 that ‘we’re starting to use HTTPS as a ranking signal’. As the importance of a secure internet is a top priority for Google, it is an obvious conclusion that HTTPS is increasing in importance as a ranking factor.

You should contact your web hosting company to determine an SSL (Secure Sockets Layer) certificate that works best for your website. There are 3 types of SSL certificates. In increasing order of security, these are Domain validation, Organisation validation and Extended validation. HHTPS includes installation of the certificate and setting up redirects from http to https.

Infinity Online, as part of its hosting services, can manage the transition of your HTTP webpages/ site to HTTPS. We are also encouraging all those looking to build or redesign their website to move to HTTPS. We would love to hear from you.