Alright everyone, you know what time it is?
Scary story time.
It was a dark and stormy...you know what, let's skip past that…
You type your website into the address bar in your browser.
You hit enter.
You look up at the URL and right next to it are two words that you’ve only seen in your
nightmares: not...secure.
Okay, I guess that’s only scary for me.
Either way, in 2019, secure websites are not only key for building trust with site visitors,
but they can also rank higher on Google.
Google announced back in 2014 that SSL was now a small ranking factor in their algorithm.
Before we talk about how you can fix this "not secure" issue, let’s talk about exactly
what it means.
Without getting overly technical, a not secure warning means that your website is using HTTP
instead of HTTPS.
These protocols are how information is passed back and forth between your computer and the
website server.
The S in HTTPS means that SSL encryption is enabled which helps encrypt and protect data
passed back and forth between your machine and the web server.
Basically, if your website says not secure it’s easier for people to gain access to
sensitive information shared across HTTP like credit card data, passwords, medical information,
basically anything sent between your browser and the web server.
Not secure doesn’t necessarily mean that your website has been hacked that you have
a virus on there, but it tells a user not to trust the site with their information.
And that can be a big problem for most businesses.
Imagine how customers would feel if you hung a sign outside your brick and mortar location
that said “Not Secure” in big, bold letters.
A couple of years ago, I was traveling and like most days, I needed a coffee fix.
I wanted to buy some coffee from a local shop.
Unfortunately, their credit card processor was down so they were actually having people
write down their credit card info on a binder that they laid on top of the counter.
As much as I needed caffeine, it was a no-brainer to skip coffee that day.
You’re giving off the same not secure vibe on your website if you are asking for personal
or sensitive data while still using HTTP...
If people think their information is at risk, they’re going to head away from your website
as quickly as possible and check out a competitor's website that's properly secured.
So - if your website is showing up as not secure you either need to purchase and install
an SSL certificate or fix one that is incorrectly installed on your website.
A quick way to check this is to use the site whynopadlock dot com.
This free tool helps troubleshoot if your site has an SSL certificate and if so if it
is installed correctly.
A common question we get is do all sites need an SSL certificate?
I definitely recommend it for any site with a shopping cart, but also for sites with contact
forms, user-generated content, login functionality -- basically 99% of sites out there need an
SSL certificate.
The answer is almost always yes.
As more of the web moves over to HTTPS you don’t want to left behind when it comes
really really important to users like security.
As I mentioned earlier, Google is starting to use SSL as a ranking factor, so you’re
not just forming a trusted relationship with consumers who visit your website, you're also
helping your website stand out in search engines.
Google’s really, really pushing for the entire web to move over to HTTPS, so this
is something that you want to prioritize and take action on soon.
If you want to learn more about how exactly to secure your website, chead over to a blog
post we wrote about how to set up SSL.
