Published on 29 June 2017 (Updated 29 June 2017)
Since January 2017, browsers such as Google Chrome or Firefox have started identifying and reporting websites collecting information without using the HTTPS security protocol. Are you one of the good or bad students?
What is HTTPS?
It is a security protocol that verifies the identity of a website thanks to an authentication certificate issued by a third-party authority.
The abbreviation HTTPS stands for “HyperText Transfer Protocol Secure”. It is a combination of HTTP and encryption like SSL or TLS, which are security protocols. Simply put, the data you transmit is encrypted, and therefore unrecoverable, which is not the case with HTTP.
A typical HTTP request
A typical HTTPS request
How to know if a site is secure?
Secure sites have 2 distinctive signs:
- the URL of the site simply begins with “https://” – instead of “http://” for a non-secure site
- a green padlock appears before the URL of the site, like on our agency’s site:
If you visit a site with a crossed-out padlock (not green), then the encryption is not assured. This may indicate that the site is being queried in HTTPS but the server has not detected the SSL certificate correctly, or that some links on the site are being accessed in HTTP.
Why use HTTPS?
As a visitor
- the data collected by the server are confidential (in particular your bank details during online purchases)
- you can register and validate your identity in complete security, as for example on social networks, which have had this security feature since the beginning of 2010
- you are assured that the site you are visiting is the original and not a modified version
As a website owner
- the visit is secure and the visitor will be less reluctant to enter his personal information
- no more warning message for the Internet users (which could slow down the Internet users)
- the referencing of your site is improved: Google considers HTTPS as a signal taken into account for the referencing of sites since 2014
In terms of natural referencing strategy, the transition of the site in HTTPS is essential. Google will give more and more importance to HTTPS in the years to come. Note that the visitor does not become a phantom because it will always be possible to know the sites visited and their IP address.
The migration of an existing site is delicate and technical. It is necessary to be accompanied to generate an SSL certificate and install it on your server. Contact our agency.
Want to know more about all forms of web development? Don’t hesitate to send us a message, we will be happy to help 🙂