HTTP vs HTTPS. HyperText Transfer Protocol (HTTP) or HyperText Transfer Protocol Secured (HTTPS) adds a layer of security to your data. Which one should you use on your WordPress blog or website? ? The one you use depends on what type of blog or website you have.
Google has been reminding webmasters to upgrade their blog from HTTP to HTTPS. This will prevent an SEO downgrade before January 2018. Google is putting a disclaimer in red on a blog that has not upgraded to HTTPS. The disclaimer states that the content is not secure, and visible to hackers.
The S in (HTTPS) means your data is secure. It ensures you have an enhanced layer of security over the standard HTTP protocol. It secures sensitive data and transactions: such as billing details, credit card transactions and user login data.
If you capture and store user or customer private information, the green lock indicates the data is secure. This includes names, addresses, phone numbers and credit card information. You will need to take due care to keep it private and secure with encryption technology.
HTTP = Hypertext Transfer Protocol and HTTPS = Hypertext Transfer Protocol Secure.
HTTP is the standard protocol, that adds a layer of security on the data in transit through a secure socket layer (SSL). HTTPS is the secure version of the protocol. This means the data is secure as it passes between computers.
To have a secure HTTP vs HTTPS blog, you need to install an SSL Certificate, which authenticates and encrypts the data on the blog to protect your information and keep it private while you are searching websites for information, or to purchase products or services.
If you have a personal blog without any form of monetization, you may eventually have to migrate your blog to HTTPS.
If you monetize your blog with the following:
- affiliate offers and links,
- you collect names and email addresses in exchange for free information
- if you run an E-Commerce store and collect and store end user's personal data, such as name, address, credit card information or social security numbers
then Google has deemed you must convert your HTTP blog to HTTPS by early 2018 to encrypt user data with an SSL (Secure Sockets Layer) certificate, which uses an encryption key that scrambles the data and renders it useless.
The end users website or blog must also have an SSL certificate, to authenticate the data and unscramble it, so it can be viewed normally.
What is HTTPS anyway?
Hypertext Transfer Protocol Secure (HTTPS) is the secure version of Hypertext Transfer Protocol (HTTP). It uses an SSL (Secure Sockets Layer) certificate that uses technology to encrypt the data that is transferred between your blog's web server and the search engine.
The SSL (Secure Sockets Layer) certificate uses SSL technology to scramble and encrypt the data to make it virtually unusable for anyone who attempts to intercept and steal the data.
The SSL certificate certifies and authenticates the data using an encryption key. The receiving computer must also have an SSL Certificate. Once the receiving computer's SSL certificate certifies and authenticates the data that you are the one with permission to receive and view the data, it will be unlocked.
Without SSL, any of your public and private information is at risk of being viewed or stolen and used for potentially illegal purposes.
If someone gets hold of your name, address, social security number, banking details or credit card information, you can become a victim of identity theft or have money stolen from your bank account.
Any website or blog owner should want to provide their readers with a secure environment and give them the confidence that their online activities are secure and private.
How Does SSL Work?
History of HTTPS
HTTPS (Hypertext Transfer Protocol Secure) was originally introduced by Netscape Communications in 1994 for its Netscape Navigator web browser, and was used with the SSL protocol.
Google adopted HTTPS in 2010. It was predominantly used for the following:
- ensure web page authenticity.
- securing accounts.
- keep user communications and identities encrypted.
- Keeps personal and financial transactions secret.
- encrypts user web browser histories.
At the time, HTTPS only accounted for about 1% of global web searches, and was focused primarily on E-commerce sites that collected users personal and financial transaction data during checkout while purchasing products and services online.
In 2014, Google rolled out HTTPS. They encouraged all webmaster to provide users with a user experience, regardless if the blog or website is used for E-Commerce or not.
The goal is to ensure user personal data stayed private and out of the hands of those who should not have it.
Google also said that in early 2018, HTTPS will become required for all blog and website owner. This will become a search ranking signal, albeit a small signal.
If there are two sites in the same niche and one has a secure HTTPS URL, while the other has an unsecured HTTP URL, the secure site will be given priority in the search results. In addition, sites that lack encryption with an SSL Certificate by this date, will have a warning displayed in the search results. The warning indicates site is not secure, and your information is at risk of being stolen.
What's in an SSL Certificate?
An SSL (Secure Sockets Layer) Certificate contains the following information to encrypt and protect the data on the blog or website:
- The certificate holder's name and website URL.
- The certificate's serial number and expiration date.
- A copy of the certificate holder's access key.
- The digital signature of the certificate-issuing authority, which is usually the web hosting company, or company that sells SSLs to website owners.
Why Should Your Blog or Website be Protected by HTTPS?
Google said that HTTPS is so important to improve user experience on Google, it’s going to become a ranking factor that people should look out for.
Having an paid or free SSL Certificate gives your readers the confidence that their information is secure, encrypted and can't be used if it is ever stolen. Google will indicate your site is secure, showing a Green lock on search results.
Simply go to the CPanel of your web host and click:
You can either choose to purchase an SSL Certificate or install a Free SSL from your web host.
It will walk you through the process to select either a paid or free SSL Certificate.
If you are or will be storing private user information, such as:
- phone number
- credit card information
- social security number
- other personal information
then you will need to purchase an SSL certificate, which provides the highest level of security and encryption to protect your reader's information from those seeking to steal information from your website and users, for nefarious purposes.
If you will monetize your blog with affiliate offers, you can use a free SSL Certificate, which offers basic level of security and encryption. This is sufficient to protect and secure web search history.
With a Free SSL Certificate, your website will display a Green Padlock and the word "Secure | HTTPS://" is in green, yet the URL of your website is in black.
What Level of Security Does My Blog Need?
Since this site, Affiliatemarketingmastermind.net, does not capture or store your personal or private information, a free SSL is sufficient.
Benefits of Having an HTTPS blog?
- Encrypts your personal data.
- Authenticates your website and you as the owner, and authenticates the receiving website and owner.
- Tells people your website is secure, displaying a Green Padlock next to the website URL.
- SEO boost due to higher search engine ranking
How to Get a Free SSL Certificate For Your Blog
InMotion Hosting offers both free and paid SSL Certificates.
When I upgraded my blogs from HTTP to HTTPS, the process was quick a seamless. The process includes validation to ensure my blogs were ready and able to support an SSL. The process took about 5 minutes.
After the process was complete there was no green Padlock next the URL, which indicates the website is secure.
The issue turned out to be unsecure links on my blog.
They showed my how to quickly find, replace or delete the bad links. Once this process is complete, the Green Padlock and Secure label appeared next to the URL. This indicates my blogs are now Secure.
- DMCA Takedown Review: How to Protect Website Content from Hackers - 09/17/2020
- 6 Ways to Overcome a Google Algorithm Update - 09/02/2020
- Are SEMRush SEO Tools for Bloggers Worth the Money? - 08/18/2020