As of October 2017, more than a quarter of the Alexa Top 1,000,000 websites are using HTTPS by default (source). 62% of the world’s 140,000 most popular websites have implemented the protocol (source), and nearly 60% of page loads across the web (as measured by Firefox Telemetry) now use HTTPS (source).
So just what does this all mean? And why does it matter to the success of your website? Well, to understand that you’ll need to know what HTTP is, and how it’s different from HTTPS.
What is HTTP(S)?
HTTP, or HyperText Transfer Protocol is the protocol through which your computer or mobile device communicates with sites across the World Wide Web. Put simply, it’s how your browser sends requests to and receives information from servers, which in turn is displayed as a website on your screen. That’s why if you look at the address bar at the top of your browser while on any given website you’ll notice the address starts with the letters “HTTP.”
The “S” you’ll sometimes see after those four letters stands for “Secure” and it has become increasingly significant in recent years.
Why Does the “S” Matter?
HTTP’s origins date back to the late 1980s, and it has been the foundation for data communication on the web since the 90s; it is not, however, perfect. Standard HTTP communications leave users vulnerable to attack. Any hacker with the tools and knowledge to do so can use an unsecured HTTP connection to eavesdrop on a person’s browsing session and steal potentially sensitive information.
A secured HTTPS connection, on the other hand, uses a special set of keys to encrypt data sent between the user and website, keeping it safe from prying eyes. While pages asking for credit card information or similarly sensitive data were among the first to commonly make use of the HTTPS protocol, websites are increasingly implementing it across the board as a measure to secure all data, not just that which may be the most easily exploited if stolen.
Users like their privacy and security, and Google has taken note. A safer Internet is a better Internet, so to encourage the adoption of HTTPS the search giant has chosen to prioritize sites which use it above those which d no’t in its results.
It’s no secret that Google has a massive impact on web traffic, which means anything a company can do to stay in the search engine’s good graces should probably be done.
Being seen at the top of a Google search today can also have a long-term impact on your site’s traffic. The sooner your site ranks highly the quicker users will find it, and people seeing it on Google today may skip the search engine entirely tomorrow if they already know your site has what they’re looking for.
Not everyone out there understands the difference between HTTP and HTTPS, but that doesn’t mean there are no tech-savvy individuals who may be looking for a website like yours and backing away when they see it’s unsecure.
Even less technically inclined users may pick up on the clues their browsers are sending them; Firefox, Chrome, and others have taken to displaying a padlock icon next to the URL in the address box. When a site uses HTTPS the lock stays closed, but on HTTP pages it opens up–a worrisome sign for anyone paying attention to the top of his or her browser.
How Do I Set Up HTTPS for my Website?
To set up HTTPS you’ll want to speak with the service hosting your website and verify the steps you need to take. You’ll likely have to obtain and activate an SSL (Secure Sockets Layer) certificate, and you may need to have the site hosted from its own dedicated IP address. With that, your web developer and host should be able to help you finish the process and have your site’s pages default to HTTPS.