Offering our customers a website with a secure connection has been a hot-topic ever since the Heartbleed bug became public. This allowed people to listen to all traffic passing from a user’s computer to their web browser. Although this bug was patched very quickly after its discovery, it was a necessary wake-up call for all website owners. We should all be encrypting any user information over the internet to prevent cybercrime.
Get Secure Hosting
A man in the middle attack occurs when a third party begins listening in on (or sniffing) this unencrypted traffic. In the process they can catch any information leaving your customer’s computer en route to your website. A man in the middle attack is one of the most effective means of stealing personal information made even easier by our reliance on our use of devices on public wifi.
But it’s not all bad news.
Google is trying to make it safer for everyone across the board by encouraging all websites to move from HTTP to HTTPS. Wired say that half the web is now encrypted, meaning that the web is getting safer in an important way.
Here’s how you can get up to speed.
HTTPS, HTTP. What’s the difference?
Before we explain why encryption is so important, we should examine what it actually means. Let’s break it down to its basic parts.
HTTPS stands for HyperText Transfer Protocol Secure. Though it sounds complex, it’s quite simple.
According to InstantSSL Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS simply stands for ‘Secure’. It means all communications between your browser and the website are encrypted and cannot be read by anyone intercepting this information. HTTPS is often used to protect highly confidential online transactions like online banking and online shopping order forms. You will know when using a HTTPS site because of the S at the end of HTTP (obviously) and a green lock and the word secure located to the left of the address bar.
That little lock indicates that the page you visited came to you via HTTPS, the web’s secure protocol, rather than plain old HTTP.
Why your web page needs to be secured
A man in the middle attack occurs when a user connects to an unencrypted or plain HTTP website. A hacker uses a small device to monitor this traffic. They can then extract any information they wish, such as credit card details and online banking credentials. If this traffic is encrypted, it cannot be read at interception.
There are also other major benefits to having a HTTPS certificate for your website:
- Customers are more likely to trust and complete purchases from sites that use HTTPS
- Visitors can verify you are a registered business and that you own the domain
- As HTTP/2 is rolled out, your website may perform 50-70 percent better than sites over HTTP/1.1
- HTTPS is now a lightweight ranking signal and can even see improvements in your search engine rankings
Chrome will show security warnings on http
Perhaps the best reason of all to migrate to HTTPS is to avoid the ”NOT SECURE” warning when users enter text in a form on an your HTTP page. Nothing is worse for business than a glaring warning to customers that in the ransomware age, their data is not safe.
Here’s how it will work
Starting October 2017, the following URLs on your HTTP site that include text input fields (such as < input type=”text” > or < input type=”email” >) (as is necessary on a contact form or a purchase page) will trigger the new Chrome warning.
The new warning is part of a long term plan by Google to mark all pages served over HTTP as “not secure”.
The only way to prevent this warning from appearing is to ensure that any field that requires customer text input is clearly on a HTTPS page. How is this achieved?
You will need to migrate your page from HTTP to HTTPS.
Making the move
To keep your data safe, we at Energise are taking steps in 2017 to ensure that we have SSL-certificates across all of our own and client websites.
Though there is no such thing as perfect security, this is one step on the way to a safer internet for everyone.
Safe and happy browsing!
Ready to switch to HTTPS? Get in touch! We’ll show you how.