Secure your site with HTTPS

What is HTTPS?

When your web browser connects to a regular HTTP server, all data transferred between your web browser and the website (such as page data, images, downloads, contact forms, orders etc) is sent over an unencrypted connection. This information can be intercepted, read and even altered by third parties. There is no way to detect if someone is "listening in" on your connection, nor can you be sure that the website you are viewing is in actual fact the website you expected to see.

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet (the "S" in HTTPS meaning "Secure"). This protects both the privacy and integrity of the exchanged data, and prevents any eavesdropping. The difference can easily be seen in the URL bar of your browser: any address that starts with "https://" is encrypted (normally with a small "lock" icon next to it), whilst any other site running regular HTTP doesn't show this at all or shows just "http://" depending on what browser you are using.

In simple terms, when viewing a website using HTTPS, all data transferred between the web browser and the website is encrypted and private. A HTTPS server has something called a "secure certificate" which is used to both validate that the site being viewed is actually the site the browser requested to see. It is used to encrypt the connection between the browser and the website, prevents anyone else on the network to modify the site before it gets to you.

Why should my website have HTTPS support?

Any website that shares any confidential or private information with its viewers, or has online enquiry forms or ordering facilities should switch to HTTPS to protect their users. Even if you are think that "my website has nothing that important on it", there are still three very good reasons to seriously consider switching to HTTPS for your website:

1 Google give sites that run HTTPS a ranking boost.

Whilst this is not a "silver bullet" that will boost you from the 10th to the 1st page, Google do indicate that the ranking algorithms they use do give more weight to sites that run with HTTPS, which will have a positive impact on your search ranking simply by having HTTPS.

2 Google Chrome and Mozilla Firefox are now warning users when visiting an unsecured website (ie: using regular HTTP).

In early September 2016, Google Chrome started warning users when viewing non-secured websites by adding an "information icon" in the address bar next to their website address. When the icon is clicked it displays the message "your connection to this site is not private".

They also announced that this warning is going to get a lot more prominent starting in January 2017, which is also going to have the words "Not secure" next to their domain name in the address bar as seen above.

In the same article, they also stated that they are fully aware that users tend to get used to warnings and eventually overlook them, so they intend on making this much more prominent. As seen below, they will be changing the information icon and text to an exclamation mark and wording in red.

This is a BIG one to consider! At some point in the near future, users viewing your website will start seeing a red warning telling them that your website is insecure. Mozilla Firefox, Apple's Safari and Microsoft Edge will apparently be following suit too by adding more and more prominent warnings. If you have not yet upgraded to HTTPS then their web browsers will start notifying users that your site it is insecure, in bright red letters! This will be likely scare a lot of people, and may lead to them not trusting your website.

3 The cost of having a HTTPS certificate for a website has dropped significantly in the last two years.

HTTPS certificates used to be expensive luxuries, and were initially only seen on websites belonging to banks and other major organisations. With this rise in demand for use on all websites, fuelled by the need for user privacy & security, and now being pushed by Internet giants such as Google, Mozilla, Microsoft and Apple, HTTPS certificates have become much easier to get, a lot more affordable and easy to come by!

How much will it cost me?

We are now able to provide HTTPS support for your website for as little as $5 (+gst) extra per month!

The additional costs for HTTPS will simply be added to your website hosting bill, and we will set this up for you on your website.

Will I need to change my website address?

No, not at all. Your website address stays exactly the same. Anyone accessing your website on the HTTP method will get automatically redirected to the "secure version" (same address, but http://www.yourwebsite.co.nz will automatically redirect to https://www.yourwebsite.co.nz).

Most non-technical people probably won't even notice that you're using HTTPS. They are however likely to notice a warning next to your website address if your site is still running on the unencrypted HTTP protocol.

Okay, so how can I get HTTPS for my website?

Simply get in touch with us, and we'll take care of the rest! You don't need to do anything else.

Contact us about your website hosting