Do anything... but don't call me "non-HTTPS."
Do you own a website?
Well … if not, do you KNOW a friend or family member who owns a website?
Either way, look at that website and tell me if you see this in your browser bar (we’re just using our own web address as an example):
Pay close attention to the details.
- The grey encircled “i” to the left of the address.
- The fact that it doesn’t say “Secure”. Nor does it have a green padlock 🔒.
While #2 does stand out (and we’ll explain why in a moment), you wouldn’t think that just having #1 on its own would drive any customers away immediately upon sight … now would you?
Update Google Chrome to the newest version, and this is what you’ll now see.
See the difference?
The words “NOT SECURE” are what now display in your customers’ Chrome browser bars if your website does not have a security certificate.
If this were someone else’s website, wouldn’t you think twice before browsing one like this!?
Why is it important to have a secure site?
- Google Chrome has a market share of 58%. In fact, it’s used by 78% of visitors to our own website. Whether or NOT you personally use Chrome, the people who search DO!
- Digital privacy is a cornerstone of modern society. Think about Facebook’s stock plummeting by over $100 billion. The EU GDPR law. What do these 2 things have in common? You guessed it: their motive is protecting consumers from intrusions on their privacy.
Think about it… more than ½, maybe even ¾, of YOUR customers… they all use Google Chrome.
When these 50%+ or 75%+ see that your site is “NOT SECURE”, it’ll repel them very quickly.
There’s no way you can afford to alienate such a huge audience.
Having the green padlock 🔒, AND an address that begins with “HTTPS”, are no longer optional. Together, they are now an industry standard of the Internet. It assures you that your customers’ privacy is fully protected using Secure Socket Layer (SSL). It’s the end-to-end security that encrypts any information or form that’s submitted to that site.
Hence, that information is kept out of the great wide open where nasty hackers can reach out and touch it.
What is the Green Padlock?
Don't know what we mean by "green padlock"? Look at this image below to see what a properly-secured site looks like in the Chrome browser bar:
When positioning websites in search results, Google prioritizes sites that are SSL-secured.
A Brief History on Secure Socket Layer and HTTPS: How did they become so important?
Having been an avid Internet user all my life (meaning ever since the age of 2!), I’ve experienced the evolution of HTTPS first-hand, and to say the least, it is very interesting.
[click_to_tweet tweet="Before 2010, #HTTPS #SSL security was used only to encrypt e-commerce transactions. Now it's ubiquitous. It's used to protect everyone's privacy. - @tripleagent_dm #SEO #webdevelopment" quote="Before 2010, #HTTPS #SSL security was used only to encrypt e-commerce transactions. Now it's ubiquitous. It's used to protect everyone's privacy."]
10 to 15 years ago - more precisely, somewhere around 2005 to 2010 - I only ever saw addresses beginning with “HTTPS” on order forms for e-commerce websites, as well as government apps and online banking platforms. (Some irony about the big Canadian banks - while TD EasyWeb still has proper SSL to this day, Apple’s Safari browser can’t establish a secure connection with Scotiabank Online.)
At the time, SSL was used mostly for one purpose: to encrypt sensitive personal data, such as credit card information, transmitted in e-commerce payment transactions. After all, nobody would want their credit card hijacked when they’re ordering something off of eBay, Amazon or some other online store … right?
Outside e-commerce platforms, and government and bank websites, most other sites - even the ones which did have forms you could submit to the webmaster - didn’t have an address that began with five comfy, trust-securing letters, instead of just four. HTTPS instead of HTTP.
Fast forward to about 2012.
All of a sudden, I noticed things changing. I noticed that big sites like YouTube and Google (well, YouTube is essentially Google) began to use only “HTTPS” addresses site-wide.
Whenever I’d go to an “HTTP” address on one of those websites, that one ever-important letter - “S” - would be automatically added there too after I hit Enter.
Hmm… why was this happening?
It was certainly an interesting phenomenon.
Over the years, I’ve seen the whole HTTPS thing sprawl out from there and dominate almost the entire Web as we know it.
As I got into the wide world of Internet Marketing and Search Engine Optimization, I finally began to understand why.
Website HTTPS Explained in Google's Own Words
Here’s how Google summarizes today’s situation (and they put it really, really well):
“All websites should be protected with HTTPS, even ones that don’t handle sensitive data. HTTPS prevents intruders from tampering with or passively listening in on the communications between your app and your users.”
[click_to_tweet tweet="@Google says: 'All websites should be protected with HTTPS, even ones that don’t handle sensitive data. HTTPS prevents intruders from tampering with or passively listening in on the communications between your app and your users.' - via @tripleagent_dm" quote="@Google says: 'All websites should be protected with HTTPS, even ones that don’t handle sensitive data. HTTPS prevents intruders from tampering with or passively listening in on the communications between your app and your users.'"]
It’s simple. On a regular website beginning with an “HTTP” address, kind of like an open, public Wi-Fi network, there isn’t any concealment for the information that gets transmitted back and forth between a website’s residing server and its customers. Meaning, ANYONE can intercept and steal that information.
So if your website has a login form, and it’s not HTTPS-secured, your customers’ passwords are in the great wide open where they can be stolen by hackers.
Interesting Fact: Recall that I said that at one point, HTTPS and SSL were almost exclusively used on e-commerce sites. In fact, this was the case for over a decade and a half.
According to CloudFlare, SSL was first introduced waaay back in 1995, the nascent “Wild Wild West” days of the Internet, by the developers of then market-dominating browser Netscape Navigator. They specifically developed SSL and HTTPS to “facilitate ecommerce online.”
Webmasters took for granted the vulnerability of a non-HTTPS website for 15 straight years. Naturally, it was towards the end of this time period that hackers began to compromise nonsecured data - it was that trend that prompted the Web-wide standardization of HTTPS.
And Google is giving non-HTTPS sites the final nail in the coffin with Chrome version 68, which - again - is the first version to mark all non-secure websites, as, well, Not Secure. And they are prioritizing secure websites above non-secure websites in search results.
So even if you have a tiny blog with no contact form, or maybe even a website that’s nothing more than a digital business card, you cannot sleep on proper SSL security.
With evolving consumer trends, more and more companies—from the Facebooks, Googles & Twitters to the CEOs, influencers & changemakers of the world—are working harder to protect the privacy of all their online customers.
Now it’s your turn to keep up with them. Don’t sleep on switching to the green padlock 🔒 :
to win back the trust of your online audience.
But I don’t have any technical knowledge. How do I do this?
You already know your website DOESN’T DESERVE to be buried under the shackles of The Asylum of Obsolete, Non-Secured Websites.
So here’s what we’re going to do:
For a one-time investment of $100, we will install a fully-functional SSL certificate on your website. We’ll keep you up-to-date through every step of the process, so if any challenges or issues arise during the installation (which, of course, depends on your web hosting provider), you will not feel left out or ignored.
Ready to get (and stay) ahead of the game? Expect our SSL offer to go live by the end of the week (i.e. before August 4, 2018).
To get notified when it's released, click here to sign up for our mailing list.
Wouldn’t you rather keep your site hacker-safe BEFORE it happens, instead of trying to clean up the mess afterward?
Go get it.
To your success,
We know you find this article useful, helpful or even LIFE-SAVING. Click on one of the buttons below to share on social media!