HTTP is short for HyperText Transfer Protocol, and HTTPS the abbreviation for HyperText Transfer Protocol Secured. Now that you know what they mean, which one should you use on your WordPress blog or website? The one you use depends on what type of blog or website you have. HTTPS adds a layer of security to your data, over the standard HyperText Transfer Protocol.
Google has been reminding webmasters since 2014 to upgrade their blogs from HTTP to HTTPS. This will prevent an SEO downgrade before January 2018. Google is putting a disclaimer in red on a blog that has not upgraded to HTTPS. The disclaimer states that the content is not secure, and visible to hackers. Google will actually give your blog a bit of a bump in ranking if you secure your URL, or may give you a penalty if you don't upgrade.
What is HTTP or HTTPS anyway
HTTPS stands for HyperText Transfer Protocol Secured. The "S" ensures you have an enhanced layer of security over the standard HTTP protocol. It secures sensitive data and transactions on your website: such as billing details, credit card transaction data and user login data.
If you capture and store user or customer private information, the green lock indicates the data is secure and encrypted. This includes names, addresses, phone numbers and credit card information. You will need to take due care to keep user information private and secure with encryption technology.
HTTP = Hypertext Transfer Protocol or HTTPS = Hypertext Transfer Protocol Secure.
HTTP is the standard protocol for data communication that is transferred or shared along the World Wide Web. With HTTP, users can easily access and share information and there is minimal security of the data. This is not an issue for some information. Where users personal, financial or other sensitive data is involved, the data should be encrypted to prevent the information from being accessed or read.
To have a secure HTTP or HTTPS blog, you need to install an SSL Certificate, which authenticates and encrypts the data on the blog to protect your information and keep it private and difficult to access, while you are searching websites for information, or to purchase products or services.
If you have a personal blog without any form of monetization, you may eventually have to migrate your blog to HTTPS.
If you monetize your blog with the following:
- affiliate offers and links
- you collect names and email addresses in exchange for free information
- if you run an E-Commerce store and collect and store end user's personal data, such as name, address, credit card information or social security numbers
then Google has deemed you must convert your blog from HTTP to HTTPS by early 2018, to ensure you encrypt user data with an SSL (Secure Sockets Layer) certificate, which uses an encryption key that scrambles user data and renders it useless.
The end users website or blog must also have an SSL certificate, to authenticate the data and unscramble it, so it can be viewed normally.
History of HTP or HTTPS
HTTPS (Hypertext Transfer Protocol Secure) was originally introduced by Netscape Communications in 1994 for its Netscape Navigator web browser, and was used with the SSL protocol.
Google adopted HTTPS in 2010. It was predominantly used for the following:
- ensure web page authenticity.
- securing accounts.
- keep user communications and identities encrypted.
- Keeps personal and financial transactions secret.
- encrypts user web browser histories.
At the time, HTTPS only accounted for about 1% of global web searches, and was focused primarily on E-commerce sites that collected users personal and financial transaction data during checkout while purchasing products and services online.
In 2014, Google rolled out HTTPS. They encouraged all webmaster to provide users with a user experience, regardless if the blog or website is used for E-Commerce or not.
The goal of HTTP or HTTPS is important to ensure user personal data stayed private and out of the hands of those who should not have it.
Google also said that in early 2018, HTTPS will become required for all blog and website owner. This will become a search ranking signal, albeit a small signal.
If there are two sites in the same niche and one has a secure HTTPS URL, while the other has an unsecured HTTP URL, the secure site will be given priority in the search results. In addition, sites that lack encryption with an SSL Certificate by this date, will have a warning displayed in the search results. The warning indicates site is not secure, and your information is at risk of being stolen.
What is an SSL Certificate?
The HTTP or HTTPS SSL certificate ((Secure Sockets Layer) certifies and authenticates the data using an encryption key. The receiving computer must also have an SSL Certificate. Once the receiving computer's SSL certificate certifies and authenticates the data that you are the one with permission to receive and view the data, it will be unlocked.
Without an SSL certificate, any of your public and private information is at risk of being viewed or stolen and used for potentially illegal purposes.
If someone gets hold of your name, address, social security number, banking details or credit card information, you can become a victim of identity theft or have money stolen from your bank account.
Any website or blog owner should want to provide their readers with a secure environment and give them the confidence that their online activities are secure and private.
How Does thr HTTP or HTTPS SSL Work?
An SSL (Secure Sockets Layer) Certificate contains the following information to encrypt and protect the data on the blog or website:
- The certificate holder's name and website URL.
- The certificate's serial number and expiration date.
- A copy of the certificate holder's access key.
- The digital signature of the certificate-issuing authority, which is usually the web hosting company, or company that sells SSLs to website owners.
Why Should Your Blog or Website be Protected by HTTP or HTTPS?
Google said that HTTP or HTTPS is an important step to improve user experience on Google. They said it is eventually going to become a ranking factor that people should look out for.
Having a paid or free SSL Certificate gives your readers the confidence that their information is secure, encrypted and can't be used if it is ever stolen. Google will indicate that your site is secure, showing a Green lock on search results.
How to Get an SSL Certificate from your web host:
You can either choose to purchase paid SSL Certificate or install a Free SSL from your web host.
They will walk you through the process to select either a paid or free SSL Certificate, and help you install your SSL certificate.
If you are or will be storing private user information, such as:
- phone number
- credit card information
- social security number
- other personal information
then you will need to purchase an SSL certificate, which provides the highest level of security and encryption to protect your reader's information from those seeking to steal information from your website and users, for nefarious purposes.
If you will monetize your blog with affiliate offers, you can use a free SSL Certificate, which offers basic level of security and encryption. This is sufficient to protect and secure web search history.
With a Free SSL Certificate, your website will display a Green Padlock and the word "Secure | HTTPS://" is in green, yet the URL of your website is in black.
HTTP or HTTPS: Level of Security Does My Blog Need?
Since this site, Affiliatemarketingmastermind.net, does not capture or store your personal or private information, a free SSL is sufficient.
Benefits of Having a Blog with HTTPS URL?
- Encrypts your personal data.
- Authenticates your website and you as the owner, and authenticates the receiving website and owner.
- Tells people your website is secure, displaying a Green Padlock next to the website URL.
- SEO boost due to higher search engine ranking
How to Get a Free SSL Certificate For Your Blog
InMotion Hosting offers both free and paid SSL Certificates. If you are not handling users private or financial information, a free SSL certificate generally offers sufficient security.
If you are handing or storing users private data or processing financial transactions on your blog, then you must have a paid SSL certificate. A paid SSL offers the highest level of security and encryption. A blog with a paid SSL, has a green lock, and the URL is green as well.
When I upgraded my blogs from HTTP to HTTPS, the process was quick a seamless. The process includes validation to ensure my blogs were ready and able to support an SSL. The process took about 5 minutes.
After the process was complete there was no green Padlock next the URL, which indicates the website is secure.
The issue turned out to be unsecure links on my blog.
They showed my how to quickly find, replace or delete the bad links. Once this process is complete, the Green Padlock and Secure label appeared next to the URL. This indicates my blogs are now Secure.
Free HTTPS SSL Certificate
A free HTTPS SSL Certificate offers basic security and encryption. You can identify a blog that is protected by a free SSL when you see the lock is green and the blog URL is black.