Website Design and Consulting Services

https graphic

New and Important Website Security Issues

Google has once again flexed its mighty muscle and is forcing the online world into totally adopting secure websites. Previously only considered for sites that conducted financial transactions and maybe had an online enquiry form to submit, it would seem that everyone is going to need a secure site if they wish to remain reasonably high on search engine rankings and not subject their visitors to warnings that may make them hightail it out of their site!

The original World Wide Web was built using an electronic protocol and programming language called HTTP (HyperText Transport Protocol). It was the original “lingua franca” of the web. Buried in that HTTP code are the instructions of what is placed and where it is placed on a page when you visit a website. It also contains other information – too much to detail in this posting and irrelevant. The primary problem with HTTP is that it isn’t very secure; it can be “eavesdropped” upon by others who might spot some interesting information being transmitted (e.g. credit card details) and use it for nefarious purposes.

The way to stop this from occurring is to use the HTTPS protocol (the ‘S’ stands for “secure” or “Secure Socket Layer – SSL”), which is built on HTTP2 and encrypts all the electronic communications passing between the user and server. You know you’re on a secure HTTPS connection when you not only see the added S in the URL, but also a little green padlock icon in the address bar of your browser.

One significant advantage to using a secure channel is that the performance of the website increases significantly. Pages and media load a lot more quickly because HTTP2 is inherently faster than HTTP.

As I indicated earlier, there is another good reason for having your website run under HTTPS: Google will like it better and rank it higher in its search engine. Google has taken that a step further. As of this writing, anyone using the Chrome browser, which is, of course, built and supported by Google, will receive a warning directly in the browser when they visit an unsecured site.

town of stony plain website not secure

Few things will scare away a potential customer more than warning them that their computer’s security is potentially about to be breached! As of this writing, approximately 60% of web users employ the Chrome browser. (Yes, at the time of this writing, the Town of Stony Plain did not have SSL on its website.)

So, to summarize, you want to update your website to be delivered to users via HTTPS because:

  1. Your customers and prospects will access and browse your site much more quickly.

  2. You will get a ranking boost from Google. (At least you’ll get a boost until all of your competitors follow your lead.)

  3. Visitors will interpret your site as being one they can trust and the credibility of your business or organization will increase.

  4. No matter how benign, your website will not intercept anything passing between it and its visitor.

  5. Visitors using Chrome to browse your site will not be scared off.

Without going into a lot of detail, the first step in getting your website upgraded to the current secure standard is to acquire an SSL Certificate. Once a costly item, such things are now free and can be acquired from several online sources. The next steps are considerably more difficult because your website will need to be rejigged to work properly with a new URL. That is, where you used to be http://mysite.com you are now https://mysite.com. As well, any external links you might have on your site will have to lead to other secure websites. Doing these tasks can take a lot of time and effort and things might still not work properly if there’s even one lingering “http” as the needle in the proverbial haystack.

Fortunately, if your site was built using WordPress or I built it for you, I’ve acquired a number of software tools that will let me finish this task in an hour or two! Give me a day or two’s notice and I can complete this job, and I can even get the SSL Certificate for you.

Get your website secured. Now. Resistance is futile.

Did you find this post interesting? Perhaps you’d like reading one of these others:

Share this post

fireworks animation

And that's nothing compared to what I can do!