HTTP vs HTTPS, which one should you use on your WordPress blog or website? Well that depends on what type of blog or website you have, if you use WordPress or other content management system (CMS), and whether you will be selling products directly from your site, and will be capturing and storing private and delicate personal and financial information on your site.
If you will be capturing and storing private user or customer information, including names, addresses, phone numbers and credit card information, for example, you will need to take due care to keep it private and secured with encryption technology, to prevent people’s private information from being accessed, viewed or stolen.
Google has been reminding webmasters, to upgrade their blog from HTTP to HTTPS to prevent an SEO downgrade before January 2018.
HTTP = Hypertext Transfer Protocol and HTTPS = Hypertext Transfer Protocol Secure.
This is the protocol used between the web server that your blog is hosted on and the browser your readers are using to search for data on the Internet.
HTTP is the standard protocol, while HTTPS is the secure version of the protocol. This means the data is secure and encrypted as it is passed between the web host and ultimately displayed on your computer screen.
To have a secure HTTP vs HTTPS blog, you need to install an SSL Certificate, which authenticates and encrypts the data on the blog to protect your information and keep it private while you are searching websites for information, or to purchase products or services.
If you have a personal blog without any form of monetization, you may eventually have to migrate your blog to HTTPS.
If, however, you monetize your blog with the following:
- affiliate offers and links,
- you collect names and email addresses in exchange for free information
- if you run an E-Commerce store and collect and store end user’s personal data, such as name, address, credit card information or social security numbers
then Google has deemed you must convert your HTTP blog to HTTPS by early 2018 to encrypt user data with an SSL (Secure Sockets Layer) certificate, which uses an encryption key that scrambles the data and renders it useless.
This is to protect your personal information between your web servers and the search engine, if it is stolen by hackers, so it can’t be viewed or stolen and from getting into the hands of those who would use it for nefarious purposes.
The end users website or blog must also have an SSL certificate, to authenticate the data and unscramble it, so it can be viewed normally.
Any HTTP blogs that have not been converted to HTTPS will run the risk of having Google put a warning label on those blogs that users information is not secure and my be stolen.
What is HTTPS anyway?
Hypertext Transfer Protocol Secure (HTTPS) is the secure version of Hypertext Transfer Protocol (HTTP), uses an SSL (Secure Sockets Layer) certificate that uses technology to encrypt the data that is transferred between your blog’s web server and the search engine, and ultimately to the end user’s computer.
The SSL (Secure Sockets Layer) certificate uses SSL technology to scramble and encrypt the data to make it virtually unusable for anyone who attempts to intercept and steal the data.
The SSL certificate certifies and authenticates the data using an encryption key. The receiving computer must also have an SSL Certificate. Once the receiving computer’s SSL certificate certifies and authenticates the data that you are the one with permission to receive and view the data, it will be unlocked.
Without SSL, any of your public and private information is at risk of being viewed or stolen and used for potentially illegal purposes.
If someone gets hold of your name, address, social security number, banking details or credit card information, you can become a victim of identity theft or have money stolen from your bank account.
Any website or blog owner should want to provide their readers with a secure environment and give them the confidence that their online activities are secure and private.
How Does SSL Work?
History of HTTPS
HTTPS (Hypertext Transfer Protocol Secure) was originally introduced by Netscape Communications in 1994 for its Netscape Navigator web browser, and was used with the SSL protocol.
Google adopted HTTPS in 2010, and it was predominantly used for ensuring web page authenticity, securing accounts and keeping user communications, identities, and personal and financial transactions and web browser histories remained private, by encrypting the data.
At the time, HTTPS only accounted for about 1% of global web searches, and was focused primarily on E-commerce sites that collected users personal and financial transaction data during checkout while purchasing products and services online.
In 2014, Google indicated that they were rolling out HTTPS to all websites and blogs and encouraged all webmasters, regardless if the blog or website is used for E-Commerce or not, to provide users with security while on a website or buying products online; to ensure their personal data stayed private and out of the hands of those who should not have it.
Google also said that in early 2018, HTTPS will become required for all blog and website owner, and will even become a search ranking signal, albeit a small signal, but a ranking factor indeed.
If there are two sites in the same niche and one has a secure HTTPS URL, while the other has an unsecured HTTP URL, the secure site will be given priority in the search results, and in addition, sites that are not eencrypted with an SSL Certificate by this date will have a warning displayed in the search results that their site is not secure, and your information is at risk of being stolen.
What’s in an SSL Certificate?
An SSL (Secure Sockets Layer) Certificate contains the following information to encrypt and protect the data on the blog or website:
- The certificate holder’s name and website URL.
- The certificate’s serial number and expiration date.
- A copy of the certificate holder’s access key.
- The digital signature of the certificate-issuing authority, which is usually the web hosting company, or company that sells SSLs to website owners.
Why Should Your Blog or Website be Protected by HTTPS?
Google basically said that HTTPS is so important to improve user experience on Google, it’s going to become a ranking factor that people should look out for.
Having an paid or free SSL Certificate gives your readers the confidence that their information is secure, encrypted and can’t be used if it is ever stolen.
The process to implement HTTPS used to be complicated and expensive.
Now the process is simple.
Simply go to the CPanel of your web host and click:
You can either choose to purchase an SSL Certificate or install a Free SSL from your web host.
It will walk you through the process to select either a paid or free SSL Certificate.
If you are or will be storing private user information, such as:
- phone number
- credit card information
- social security number
- other personal information
then you will need to purchase an SSL certificate, which provides the highest level of security and encryption to protect your reader’s information from those seeking to steal information from your website and users, for nefarious purposes.
If you will be monetizing your blog with affiliate marketing offers where a user clicks a link on your blog or website, and is sent to a website, like Amazon.com where the final purchase is made, then you can use a free SSL Certificate, which offers the least amount of security, generally enough to protect the user’s web search history from being viewed or stolen.
With a Free SSL Certificate, your website will display a Green Padlock and the word “Secure | HTTPS://” is in green, yet the URL of your website is in black.
What Level of Security Does My Blog Need?
Since this site, Affiliatemarketingmastermind.net, does not capture or store your personal or private information, a free SSL is sufficient.
Benefits of Having an HTTPS blog?
- Encrypts your personal data, which prevents it from being stolen. If it is stolen, the thief will not be able to use or read it.
- Authenticates your website and you as the owner, and authenticates the receiving website and owner.
- Tells people your website is secure, displaying a Green Padlock next to the website URL.
- SEO boost due to higher search engine ranking
InMotion Hosting Offers a Free SSL
InMotion Hosting offers both free and paid SSL Certificates.
When I upgraded my blogs from HTTP to HTTPS, the process was quick a seamless.
The tech support analyst walked me through the process to install an SSL on my blogs, from clicking the link to begin the process and walking me through the validation process to ensure my blogs were ready and able to support an SSL.
The process took about 5 minutes.
After the process was completed I noticed that I didn’t have a green Padlock next the URL.
The issue turned out to be I had unsecure links to websites on my blog.
They showed my how to quickly find, replace or delete the bad links. Once this process was completed, the Green Padlock and Secure label appeared next to the URL indicating my blogs were now Secure.