Not so long ago having your website 100% on HTTPS was an overkill. Usually, only the checkout and payment pages were https, the rest was plain HTTP.

Now it’s no longer a “nice-to-have”. It’s a “must-have”.

Why?

1. Google Chrome Marks all HTTP Websites as “Not Secure”

Starting from version 68, which was released July 24, 2018, Chrome is marking all HTTP websites as not secure – with no exceptions!

chrome-http-https

This is a pretty big deal. If you have an HTTP website and your clients get information that YOUR website is not secure, it will definitely diminish the users’ trust in your business. Currently, 6 out of 10 internet users use Chrome and it’s growing. So you can expect 60% of your users will see information that your HTTP website is NOT secure.

2. SEO Boost

Using HTTPs will give you a boost in Google rankings, and it will most likely increase in the future. In Google’s official announcement we read:

(…) over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.

3. It’s Very Easy to Hack an HTTP Website

When you have an HTTP website and your users connect to it in public spaces, anybody can hack it, even a 10-year old. It’s as easy as installing a special browser plugin or tools like WireShark. That’s it.

If an attacker is connected to the same WiFi network as you, he or she can have access to all the HTTP packets you send and receive. They can:

  • see exactly what content you’re viewing, which articles you read, what type of movies you watch on the internet, etc.
  • steal your login credentials
  • inject malicious code

4. Preventing Data Tampering

If you use an HTTP connection, internet service providers, or WiFi Hotspots can inject their own ads (and malware!).

If you use an HTTP connection, it’s also very easy for governments and Internet Service Providers to spy on the content your visitors are viewing.

5. If you Use HTTP, Google Analytics May Show the Wrong Data

Google Analytics is a great web analytics service. But, did you know that if you have an HTTP website, it may classify some Referral traffic as Direct and lead you to the wrong conclusions?

google-analytics-https

Here’s why:

Internet protocols work in the way that the referrer data is not passed if a user visits a secure (HTTPS) website and clicks on a link pointing to an insecure (HTTP) website.

6. HTTPS is the Future of the Web

If you want to implement the most recent technologies like AMP, HTTP /2, or PWA, it’s required to have an HTTPS website.

  • AMP (Accelerated Mobile Pages) – is a project designed to improve the performance of web content. AMP allows you to create lightweight pages intended for mobile devices. AMP pages consist of HTML and limited CSS. Only asynchronous JS scripts are allowed on AMP. Major Content Management Systems, including WordPress support AMP. For now, it is used by 25+ million domains.
  • HTTP /2 – is a relatively new internet protocol (used by 27% of websites – W3 Tech, July 2018). It provides many performance improvements over the 18-year old HTTP 1.1 protocol. If you want to use HTTP /2, you have to have an HTTPS website.
  • PWA (Progressive Web Apps) – if you want to implement a PWA, you have to have HTTPS. What are PWAs? This is an emerging trend of creating websites that act like apps (they respond quickly after user interactions, and load fast even when using a slow internet connection).

Conclusion

I hope it’s now obvious that every professional website should migrate to HTTPS. It should also be stressed that moving to HTTPS is much easier than it used to be. (If you have a small website, you can even get your SSL certificate for free, using Let’s encrypt or CloudFlare).

The takeaway is clear: take the time and move to HTTPS as soon as possible. It’s safer and it’s more effective, due to increased trust and no “Not Secure” labels right next to your URL in the browser.

6 Reasons Why you Must Switch to HTTPS

PS. Just a week or two ago I made the jump and GrowRevenue is no longer “Not Secure”:
growrevenue-https