Now that the Chrome browser is showing URL warnings when you visit sites that don’t use HTTPS, it’s time to consider your own setup.
If your own site is still not secure, you absolutely needs to change that. The SEO advantages alone should have had you change it a few years ago, but this latest warning situation means you shouldn’t even think twice about it.
There’s a two step process to getting HTTPS.
Step 1)
You need to buy an SSL certificate (usually through your host), and have it installed on your hosting account.
These are often free these days via systems like ‘Let’s Encrypt’ – which hopefully your host will support.
Step 2)
The site needs to be set up to run through the SSL certificate, which results in HTTPS.
Someone (possibly me) needs to spend time making sure every single reference to your URL in the database and site code is updated. This can take anything from 15 minutes to a couple of hours – depending on what content management system you use (if any).
You’ll also want to ensure your site is forced to run through HTTPS. If users can hit both the secure and non-secure version of the site – that’s no good.
HTTPS isn’t really considered an option these days, more of a requirement.
[…] In my last post I mentioned the importance of forcing HTTPS if you’re using it on your website. (Which you absolutely should be.) […]