That’s a good question.
Like you, I didn’t think it would make my site more secure or that I had any data worth encrypting. Here’s what changed my mind about it and why I converted my sites to HTTPS.
What is HTTPS anyway?
Have you ever sent a check through the mail?
If you didn’t use a security envelope or take other measures to hide the info on the check, anyone could hold it up to a light and see what was inside.
That security envelope is like HTTPS.
It hides the data being sent across the internet from prying eyes.
Picture HTTPS as sending your mail in a security envelope instead of on a postcard.
So who’s spying?
A man-in-the-middle attack is a hacker trying to spy on data as it travels through the internet. They copy whatever data will fetch a price on the black market.
- Email addresses
- Log in credentials (even just passwords)
- Credit card info
Selling lists with this kind of info has become a multi-billion dollar industry.
So, hackers have major incentive to spy on data as it travels through the internet unencrypted.
How do hackers spy?
The easiest way to capture data as it travels is over wifi.
And they don’t even have to be anywhere near you to do it.
They can be thousands of miles away.
All they have to do is hack the wifi router at your favorite coffee shop and they can spy on everybody using the free service.
Every time you log in to a site or give your email address, spying hackers can see that info if it’s not encrypted.
HTTPS stops peeping Toms
If every site on the internet sends its data via the HTTPS protocol, it will be encrypted.
That means no more easy spying for hackers.
That means safer data for everyone.
Everybody has to do their part
To make this work, every link on the web has to be converted to HTTPS.
So, even if your apple pie recipe doesn’t contain any critical data, it still has to be encrypted in an effort to make the entire internet encrypted.
Want folks to sign up for your newsletter? They may start checking to see if your site has a green padlock before they enter their name and email address.
It’s not just Google saying so
Google has started issuing both perks and penalties to entice us to make this change on our sites. But, it’s not just them.
Government agencies all over the globe that deal with cyber security are pushing for it too.
Free SSL certificates, like Let’s Encrypt, are now easy to obtain through most hosts.
And hosts are starting to turn them on by default now, and require all new sites to be HTTPS.
(If your host isn’t doing these things, consider how far behind the times they are think about switching.
See my recommended hosts here.)
Sooner rather than later is better
It took me a while to come around to seeing why I needed to convert my sites to HTTPS.
In fact, I waited until Google announced penalties that would affect my member sites that have a log in bar on every page.
And at some point, Chrome, Firefox, and other major browsers are going to splash a big warning in the face of anyone visiting any site that is not HTTPS.
That day is coming, quicker than most folks think.
Getting your site converted to HTTPS sooner rather than later puts you well ahead of the game.
And, you get SEO perks for doing it right now too.
How do I get my site converted to HTTPS?
Getting a green padlock is not all there is to it.
There are all kinds of tutorials on how to convert a site to HTTPS. Some look super duper easy.
Grab a certificate, grab a plugin, viola!
Oh, were it that simple!
After spending 90 hours researching those tutorials and methods, I can tell you for certain there are bunches of ways to FUBAR a conversion!!!!!!!!
And you’ll be sorry you followed that advice, especially when you try to mop up the mixed media or broken plugin problems, or switch back.
And good luck finding someone to help you clean up that mess!!!!!
I’ve even seen some hosts booger up a conversion too.
It’s worth getting done right the first time
Do yourself a huge favor.
Get your site converted in a way that won’t give you problems down the road and will actually make your site more secure in the process.
Learn how to convert sites to HTTPS
Are you a designer who needs to learn how to provide this service for your clients?
Check out Level 3 of my Webmaster Training Course
Want to partner with someone who knows how to set up sites securely from the root up and convert them to HTTPS? Contact me. Both me and my webmasters stand ready to help you.