Online security has been a huge talking point in the last decade, and this is especially true if your website handles any type of sensitive information. This is one of the reasons why Google and other major companies are making a push toward HTTPS, a secure connection protocol that allows websites to interact with browsers in a safe environment.
But what exactly is HTTPS and how are big companies using it to promote a more secure internet?
Below, we’ll discuss Google’s latest security announcement, go over the definition of HTTPS, and tell you why all ads publishers should be using this technology on their website right now.
Google’s HTTP Warning
Google is among the big companies that are looking to create a secure internet for all. The technology giant has recently announced that the Chrome 68 update, which is due to be released in July of 2018, will display a visible security warning when a website uses HTTP.
Image by CloudFlare
HTTP is essentially a non-secure connection protocol that doesn’t encrypt communications between websites and browsers. This makes the connection vulnerable to cyber attacks, which may result in a severe security breache for users and websites alike.
Starting July of this year, when websites use HTTP instead of HTTPS, Chrome will display a “Not Secure” warning in the URL bar so users know that the site doesn’t encrypt its information.
Image by CNET
The Rising Popularity of Data Encryption
In a nutshell, encryption is the process of altering data or information so that only the intended recipient can interpret it.
Today, there are dozens of different methods that allow you to encrypt digital data for an array of different purposes. HTTPS provides a secure setup that publishers can implement on their sites without having to purchase new equipment or switch web servers.
As a matter of fact, encryption is so popular that according to Google’s transparency report, more than 65% of websites encrypt their data in both mobile and desktop devices alike. Not only this, but a stunning 81 of the top 100 most popular websites in the world use HTTPS technology for additional protection.
What’s the Difference Between HTTP and HTTPS?
Before the development of its successor, HyperText Transfer Protocol (HTTP), was in charge of determining how messages were formatted. At the same time, this told websites and servers how to respond depending on the commands they received.
HTTPS stands for HyperText Transfer Protocol Secure, and as the name indicates, it provides a more secure setup than its predecessor. The “S” in HTTPS stands for Secure Socket Layer (SSL) technology, which allows you to encrypt the information you send between your browser and a website.
Image by edreamhotels
This prevents “Man in the Middle” attacks where criminals intercept the information being transferred and extract sensitive information such as credit card numbers or sign-in credentials.
Keep in mind that Transport Layer Security (TLS) is a more effective alternative to SSL encryption, but we’ll cover more on this later in this article.
Why Publishers Need to Switch to HTTPS
Besides improving your website’s overall security, HTTPS also brings a number of advantages for publishers. Some advantages HTTPS include:
There are many elements that influence SEO ranking, one of them being the protocol a website uses to communicate with a browser. Back in 2015, one of Google’s high executives confirmed that HTTPS can be the tie-breaker between two identical websites.
Not only does Google favor websites that use HTTPS, but this setup can increase loading speed and other factors that also enhance your site’s overall SEO performance.
You may be under the impression that encryption will slow down your website. While encryption usually takes a toll on performance, there is a nice exception that may actually make your site work faster on HTTPS.
Modern browsers can implement HTTP/2, a significant revision that brings a number of performance improvements. Developers have made encryption a requirement to run HTTP/2, so you’ll need to support HTTPS in order to enjoy the performance boosters.
Boost Your Site’s Performance on Mobile Devices
There is no denying the power of mobile technology, so you should aim to create a site that works well on smartphones and tablets as well.
Google’s Accelerated Mobile Pages, simply known as AMP, can help improve critical features such as loading speed and slightly modify the layout to improve usability. But, as you may already imagine, only sites with HTTPS capabilities can be used with this initiative.
As well, keep in mind that Google ranks mobile-friendly websites higher.
According to our research (and it’s not just our conclusion, but rather an industry trend), websites that use HTTPS have higher ad revenues. The data on Native Subscriptions ad format shows an astonishing 50% growth, when publishers are moving from HTTP to HTTPS. Later, we’ll discuss how to make this transition correctly.
Enhance Security Levels
The most obvious benefit of HTTPS is that it improves security across your website. Although you should still take additional steps to assure your website is air-tight, encrypting the information is a great step to creating a safer platform.
Improve User Experience and Consumer Trust
HTTPS-enabled website may experience in faster loading times and other performance enhancements, improving the overall user experience. Plus, you’ll also build a trusting relationship with consumers because they will feel safe when browsing through your site.
Provide Precise Referral Traffic Data
Referral data is extremely important to publishers. Collecting accurate numbers will help you create a precise roadmap to success and help you pinpoint your areas of improvement.
Referral traffic that is credited to the wrong source may paint an inaccurate picture and prevent you from evaluating the true efficacy of your marketing spend.
Moreover, some publishers may even have financial incentives based on referral traffic, which makes the accuracy of these statistics even more important.
Image by OptimizeSmart
When referral traffic is sent from a website that uses HTTPS to a site that uses HTTP referral data is lost, so the traffic is often miscategorized. This problem can be solved by implementing HTTPS, in which case it will maintain precise referral data from both secure and non-secure sources.
It’s also worth noting that ads shown on publisher websites that run on HTTP can be changed by local internet providers to show their own advertisement. In other words, when users access your website, their internet service provider (ISP) may swoop in and display its own ads instead of yours.
HTTPS encrypts the information traveling between your website server and a browser, so ISPs can’t see or tamper with the information before it’s delivered to your device.
Build Brand Reputation
Creating a secure browsing experience is great, but implementing HTTPS also tells your customers that you care about their safety and well being. Upgrading to a secure setup can help build your brand’s reputation, especially if you complete the transfer before Chrome starts showing warning notifications.
How to Migrate from HTTP to HTTPS
So, it’s pretty clear that migrating to HTTPS is pretty much a requirement for all publishers. That being said, you’ll have to check your settings to verify your website is running on HTTP and migrate to HTTPS, after choosing a reliable SSL provider of course.
Image by AnimusRex
Checking Your Settings
The easiest way to check if your website is secure, simply access your website, check your URL bar and make sure there is a green lock icon next to your site’s address. The green lock may sometimes be accompanied by the word “Secure” although this depends on the device and operating system you’re using.
If your website shows any other icon or the words “Not Secure” you should look into upgrading to HTTPS.
Migrating to HTTPS
Below, you’ll find some basic recommendations on migrating to HTTPS.
- Use your content management software (CMS) to use HTTPS as a default setting. Most CMS providers, like WordPress, allow you to switch between protocols very easily.
- Setup permanent 301 redirects for all HTTP pages and link them to an HTTPS version. You can probably use one redirect rule for all instead of setting them up individually.
- Inspect all meta tags and confirm that all of them point to the correct HTTPS pages.
- Update all internal links and external links you control, including social media. You can also reach out and inform traffic sources you can’t control, who may potentially change the link to your site.
- Setup or transfer your website’s analytics account, depending on which options you have available. Adjust your analytics details and update other pieces of information to make sure the tracking feature is running optimally.
- Monitor your traffic for any possible errors or improvements.
- Run a SSL server test to identify vulnerabilities (if there are any). We recommend SSL Labs.
Remember that the setup of your HTTPS website is extremely important. You’ll also have to find an SSL certification provider that helps verify the source of your domains and web pages. These certifications give the green light for the exchange of information and financial transactions.
Image by Netolink
Top SSL Providers
Before covering the best SSL providers, we’ll take a quick look at the difference between SSL and TLS. SSL is a cryptographic protocol that was developed in 1995 with the purpose of securing communications over the internet.
TLS was developed in 1999 to address shortcomings with SSL and has since become the standard encryption protocol for websites. The name “SSL certification” is still widely used because this is the term that most people are familiar with, but although has become the most common encryption protocol.
It may also be referred to as “SSL/TLS certification” or simply “TLS certification” by different companies, but the service itself remains the same. Here are our takes on the top SSL providers out there:
Comodo SSL: An affordable and reliable SSL certification provider with a superb support team. Their premium SSL solutions usually feature a fully validated certificate, damage coverage, and strong encryption.
DigiCert: After recently acquiring Symantec’s PKI and website security solutions, DigiCert is now one of the most popular SSL provides in the world. They even have a wildcard option that covers a complete multi-level domain and unlimited servers aimed towards conglomerates.
Entrust Datacard: A well-established company in the industry, Entrust has a reputation for developing a wide variety of quality security products. The company also offers a wildcard option with unlimited servers and subdomains suitable for larger projects.
Start Reaping the Benefits of HTTPS Today
Setting up an HTTPS website is not only a great security improvement, but it will soon be a requirement to maintain a good online reputation. Building a trustworthy reputation is critical especially for ads publishers, so follow the tips above and set up an HTTPS website for better performance.
Posted by Tom Hooker