why your website should be using https
Say what? What is it and why do I think you need it?
First things first. The “S” in HTTPS stands for security and you get that by having an SSL certificate (Secure Socket Layer). It’s a method of encrypting data flowing between your user’s browser and your site. It protects the security and privacy your users when they send you an email via a form, buy a widget from you with their credit card, or create an account with a password.
Traditionally it’s used by financial institutions, e-commerce sites and even Facebook.
Affects to Your Search Ranking
In 2014 Google said that it was starting to rate whether a site uses HTTPS as a ranking signal. They also mentioned that they aren’t weighting it very heavily so you’re not going to drop off of the search engine ranking results…yet!
…we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.
For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS.
But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
How to Get HTTPS
With talk like that we’ve seen more and more sites start to use HTTPS and many experts predict that it will soon become the norm.
So if it’s better for securing customer’s data and better for search results – and likely to be more so soon – why aren’t most sites using it yet?
Well, because a) it can be technically complicated and needs some developer know-how and b) it can cost something. I just checked a couple of the hosting companies I use and found the prices around HKD700 – 1200/year (Communilink, OnlyDomains)
The good news is that there is a new Linux Foundation project called Let’s Encrypt that’s going to make the SSL certificate free and easy to use – Coming in Q4 2015.
Although the free encryption might not be the best option for every site, it will be for many in light of coming SEO ranking changes. If you run a site that takes a lot of sensitive data such as credit card data you should definitely think about getting a paid SSL certificate that provides Extended Validation (EV) and therefore validates the organization behind the certificate.