Transcript: Alright, everyone, you know what time it is? Scary story time. It was a dark and stormy…you know what, let’s skip past that…
You type your website into the address bar in your browser.
You hit enter. You look up at the URL and right next to it are two words that you’ve only seen in your nightmares: not…secure. Okay, I guess that’s only scary for me.
Either way, in 2019, secure websites are not only key for building trust with site visitors, but they can also rank higher on Google.
Google announced back in 2014 that SSL was now a small ranking factor in their algorithm. Before we talk about how you can fix this “not secure” issue, let’s talk about exactly what it means.
Without getting overly technical, a not secure warning means that your website is using HTTP instead of HTTPS. These protocols are how information is passed back and forth between your computer and the website server. The S in HTTPS means that SSL encryption is enabled, which helps encrypt and protect data passed back and forth between your machine and the web server.
Basically, if your website says “not secure,” it’s easier for people to gain access to sensitive information shared across HTTP like credit card data, passwords, medical information—basically anything sent between your browser and the web server. Not secure doesn’t necessarily mean that your website has been hacked or that you have a virus on there, but it tells a user not to trust the site with their information.
And that can be a big problem for most businesses.
Imagine how customers would feel if you hung a sign outside your brick and mortar location that said “Not Secure” in big, bold letters. A couple of years ago, I was traveling and like most days, I needed a coffee fix.
I wanted to buy some coffee from a local shop. Unfortunately, their credit card processor was down so they were actually having people write down their credit card info on a binder that they laid on top of the counter. As much as I needed caffeine, it was a no-brainer to skip coffee that day.
You’re giving off the same not secure vibe on your website if you are asking for personal or sensitive data while still using HTTP… If people think their information is at risk, they’re going to head away from your website as quickly as possible and check out a competitor’s website that’s properly secured. So—if your website is showing up as not secure, you either need to purchase and install an SSL certificate or fix one that is incorrectly installed on your website.
A quick way to check this is to use the site whynopadlock.com. This free tool helps troubleshoot if your site has an SSL certificate and, if so, if it is installed correctly.
A common question we get is do all sites need an SSL certificate?
I definitely recommend it for any site with a shopping cart, but also for sites with contact forms, user-generated content, login functionality—basically 99% of sites out there need an SSL certificate. The answer is almost always yes.
As more of the web moves over to HTTPS you don’t want to be left behind when it comes to things that are really, really important to users like security. As I mentioned earlier, Google is starting to use SSL as a ranking factor, so you’re not just forming a trusted relationship with consumers who visit your website, you’re also helping your website stand out in search engines. Google’s really, really pushing for the entire web to move over to HTTPS, so this is something that you want to prioritize and take action on soon.
If you want to learn more about how exactly to secure your website, head over to a blog post we wrote about how to set up SSL.