Google would like everything accessed on the web to use a secure connection. In the future, the Chrome browser will mark websites without a valid SSL certificate installed by displaying a red X over a padlock in the URL. The goal is for everyone to abandon HTTP for HTTPS.
When will the change take effect?
In January, 2017, Chrome began to mark HTTP pages that collect passwords or credit cards as not-secure, as part of a long-term plan to mark all HTTP sites in this way. “The goal of this proposal is to more clearly display to users that HTTP provides no data security,” Google’s Chris Palmer wrote. Google is also giving secure websites a bit of a search engine ranking boost as added incentive to move to a secure connection.
What Is HTTPS?
HTTP (HyperText Transfer Protocol) and HTTPS (HyperText Transfer Protocol Secure) are both protocols, or languages, for passing information between web servers and clients. HTTPS is a secure connection, whereas HTTP is unsecure. With an HTTP connection it is possible for unauthorized third parties to see the conversation between your device and the website. This “conversation” is often rather uneventful. That is, unless you are entering sensitive information such as your password, credit card information, or social security number. An HTTPS connection uses SSL/TSL protocol (Secure Sockets Layer and Transport Layer Security) to encrypt that conversation. This prevents eavesdropping, protects the integrity of data to prevent corruption in transfer, and authenticates the connection to ensure communication only with the intended website.
Therefore, it’s also important to know that HTTPS doesn’t just protect user data such as passwords and credit card information. It also ensures that the website visitor is accessing the right website and not an imposter. A go-to tactic of hackers is to set up a fake version of a website users normally trust. HTTPS ensures that a malicious third-party can’t hijack the connection to insert malware.
How to Secure Your Website?
To enable HTTPS on your website, you must first get an SSL Certificate from a Certificate Authority (CA). This certificate enables your website to communicate with its visitors using encrypted data that can’t be corrupted. The certificate also serves as a stamp of approval from the Certificate Authority. This stamp will offer your website visitors the added comfort of knowing that your website is legitimate and secure.
So, now that you have an SSL Certificate, there are still a few steps you need to take to make it active:
- Approve the certificate – In order to do this, you’ll first need to have a CSR code generated on your server by your hosting provider. You may also generate one yourself. In either case, note the following tips before you begin. Important: Usually, a dedicated IP address is required for SSL installation. However, if you have SNI technology available on your server, you can install your SSL certificate on a shared IP address. You can get this information from your hosting provider.
- Complete a full backup of your site – It’s important to back up both your website and your database before installing anything on your hosting server.
- Install the SSL certificate – This may vary slightly from registrar to registrar but generally you will need to generate a certificate sign request (CSR) and private key, request the SSL and lastly upload the certificate to your server.
- Change all of your links to HTTPS – Check internal links, code libraries, and update as many external links as possible.
- Create a 301 redirect to the secure HTTPS connection – If a visitor were to access HTTP it will redirect to HTTPS.
- Don’t forget to update your URLs to HTTPS on Google (Search Console Analytics), AdWords and anywhere else you are running paid aids, and on all your social profiles.
We’re here to help! Contact S2P Studio to help you with moving your website to a secure connection.
“The Art of Code…”
Pictured Below Left: Gottfried Leibniz invented the modern binary number system in 1679 which is the basis for binary code. Pictured Below Right: The detail of James Hugonin’s Binary Rhythm (VII), 2014, Oil and Wax on Wood, actual canvas size 74 9/16 X 66 1/2 Inches. Hugonin completed 9 paintings from 2010-2015, all identically sized and each continuing the artist’s unique exploration of the duality of order and chance within a very personal approach to abstract painting. His written handbooks for each painting look just like music scores.