Why should you use HTTPS instead of HTTP?

Google Favors SSL

Firstly, HTTPS has been a confirmed Google ranking factor since 2014, so getting a small rankings boost is good reason #1 for switching to HTTPS.

Users Favor Secure Websites

Secondly, if your website is not using HTTPS/SSL, your website credibility and search engine rankings may be affected.

We'll explain how...

Since July 2018: Visitors Are Reminded That Your Site is Not Secured by HTTPS

This has the potential to directly affect the credibility of your website.

As announced in September 2016, Google Chrome had already begun to mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar.

Previously, this only appeared on non-SSL pages that ask for a password or credit card information. This includes simple WordPress password-protected pages.

However, Google confirmed, that as of July 2018, this warning appears on ALL pages served over HTTP vs. HTTPS, like this:

This type of  warning may easily be interpreted by visitors to mean that your site has been hacked or compromised affecting the perceived credibility of your website. (SSL Shaming anyone?)

Convert from HTTP to HTTPS to Avoid the 'Not Secure' Warning

By converting your website to HTTPS, assuming it is implemented correctly, your visitors will see a "Secure" message indicating that your site is secure.

More Reasons Why You Should Convert Your Website to HTTPS/SSL

1. SSL is a Google Ranking Signal

Google introduced SSL as a weak ranking signal way back in 2014. At the time, Google hinted that over time, they might decide to strengthen it as a signal because they wanted to encourage all website owners to switch from HTTP to HTTPS.

The time has come to step up your SEO game.

Every day, more business owners get hip to the fact that competing online requires digital marketing and a more advanced strategy for SEO, way beyond on-page SEO basics. Paying attention to this SSL detail could be the factor that allows your site to rank higher than a competitor.

2. Research Shows that Google HTTPS Ranking is Real...SSL DOES Correlate with Higher Rankings

Research from analyzing 1 million search results found “that HTTPS correlated with higher rankings on Google’s first page”.

The correlations in Moz’s latest Search Ranking Factors survey leads to the same conclusion.

3. It's Safer for Your Visitors

HTTPS is especially important over unencrypted Wi-Fi networks. Anyone on the same local network, such as a coffee-shop or other public network can “packet sniff” and discover sensitive information about your visitors.

Parisa Tabriz, who manages Google Chrome's security engineering team, tweeted that Google's intention is to "call out" HTTP for what it is: "UNSAFE."

Several companies and organizations have been pushing for more encrypted sites as part of a campaign to "Encrypt All The Things," which consists of promoting more websites to abandon the traditional, less secure HTTP protocol and adopt HTTPS.

HTTPS protects user data, but it also ensures that the user is connecting to an authentic site and not a fake one. This is important because setting up a fake version of a website is a popular phishing tactic.

Why a Website Might Choose To Not Switch to HTTPS

Cost

One reason why a website might not implement HTTPS is cost.

Whether it is the cost of paying your developer or webmaster to make the switch or the cost of the SSL certificate (an annual fixed cost), encrypting the transmissions between the browser and your website server costs money.

The costs of an SSL certificate can range from free (The Let’s Encrypt initiative to spread the use of HTTPS) to $1,499/year at Symantec. Check with your hosting provider for SSL options to compare.

Check out this guide for installing a free Let's Encrypt SSL certificate »

Fear of Losing Existing Rankings

Fluctuations in search engine rankings can happen with any major site change, but Google is very good with changes from HTTP to HTTPS. Up until now, this was a somewhat valid reason to remain on HTTP, but it's probably no longer an option with the "Not Secure" label.

This brings us to the next point...

Use 301 permanent redirects when implementing HTTPS on your website to maximize SEO.

Be Sure to Implement HTTPS Correctly

AHREFS analyzed the HTTPS settings of the top 10,000 domains and found that only 1 in 10 had a flawless SSL/HTTPS set up. One of the most common errors is failing to use 301 Redirects which is probably the most crucial one to get right.

So don't feel too bad if your set up is not perfect initially. Most issues are typically relatively easy to identify. This free SSL redirect scanning tool is helpful for identifying issues with SSL set up.

We won't address the details of switching from HTTP to HTTPS in this post, but Kinsta has written a very thorough guide.

Here is an overview of their HTTP to HTTPS Migration guide and some of the basic requirements that you will need and some things to be aware of.