In this post, we examine why a WordPress website needs SSL to remain competitive in search rankings and build trust with your audience. But SEO and audience trust are benefits of HTTPS that apply to all websites, even non-WordPress sites. If your company website doesn’t use SSL certification and you’re worried about the potential negative impacts on your business, this post is for you.
Prefer not to think about any of this? Reach out today and Turkey Burg will be happy to help secure your website. Or click here to learn more about our website services.
Your WordPress Website Needs SSL… Are You Ready?
Cybersecurity is an ever-changing issue. As technology advances, so do security threats. This is an ongoing cycle in which companies that use WordPress should remain up to date and vigilant. One of the best ways to do this is by updating to HTTPS and SSL. First, you need to understand what these terms mean.
What Are HTTPS and SSL?
HTTPS stands for Hypertext Transfer Protocol Secure, which is the secure version of HTTP. In the most basic of terms, data is sent between your website and visitors’ browsers over this protocol. All of the data sent over HTTPS is encrypted.
SSL stands for Secure Sockets Layer, and it’s the standard website security technology that encrypts sensitive data. Your website needs an SSL certificate to create an SSL connection and use HTTPS.
An SSL certificate is a small data file that digitally binds a cryptographic key with the identity and location of a company and its domain, host and server names. This creates the encryption. When you install the SSL certificate on your server, it triggers the padlock and HTTPS to allow the secure connection between the server and web browsers.
You likely have experience with HTTPS and don’t even realize it. Many websites start with “https://” to indicate the secure encryption. Additionally, browsers such as Google Chrome, Mozilla Firefox and Microsoft’s Internet Explorer display padlocks in their URL bars next to web addresses with HTTPS.
Secure Site in Microsoft Edge
Secure Site in Google Chrome
Why Your Website Needs HTTPS
HTTPS is particularly useful to keep financial and other personal details confidential for online banking and shopping. Some examples of financial and personal information include bank account numbers, credit card transactions, Social Insurance Numbers (SIN) and website log-in details.
You should always have an SSL certificate for HTTPS if you run an online shop because this is the best way to keep safe all of the personal information about your customers. In fact, most payment processors require online stores to have this.
Along with making your website secure, using HTTPS makes your site more attractive to customers. Online security is at the forefront of consumers’ minds, and more of them are becoming aware of HTTPS. Seeing the green padlock in their browser bars gives them peace of mind, making them more likely to buy from you.
WordPress Requires HTTPS for Enhanced Safety
Website security and consumer appeal aren’t the only reasons to use HTTPS. Another major reason is that it has become a requirement with the new 4.7 WordPress platform to enhance safety. In early December 2016, Automattic CEO and The WordPress Foundation founder Matt Mullenweg announced that users of the platform will need SSL certificates to support HTTPS.
Mullenweg believes that HTTPS is the next logical step in keeping online user communications safe. He revealed that the company would start promoting hosting partners with default SSL certificates early in the year. Next, they will assess the features that benefit the most from SSL and only make them available when SSL is present.
Google Requires HTTPS for Search Rankings
Changes in Google ranking factors are yet another reason to have HTTPS. In August 2014, the search engine giant announced that it would starting using HTTPS as one of its factors in search rankings. Websites with SSL and HTTPS rank higher in its searches than websites without them. The purpose of this is to help the internet become safer for users.
At the time of this announcement, Google said that fewer than 1 percent of global searches were affected when using HTTPS signals in its search algorithms. However, the company is strengthening its use, encouraging WordPress site owners to use the more secure protocol.
In addition, Google plans to display an “X” beside domain names that don’t have HTTPS. This will appear within the search results to warn users about pages that could be unsafe.
Here are examples of what this looks like in Google Chrome…
Browser Warning for Site without SSL
Step1: Page Warning for Site without SSL
Your eye is likely drawn to the blue Back to Safety button. But for users to advance to your site, they need to click on the easy-to-miss ADVANCED link.
Step 2: Page Warning for Site without SSL
Clicking the ADVANCED button only reveals the lower part of the warning page. Users then need to click on the “Proceed to www.domain.com (unsafe)” link to advance to your site.
This is not exactly a good way to instill confidence with your website visitors. It also won’t help your website rank in search engines.
SEO Benefits of Using WordPress HTTPS
Along with ranking higher on Google search results, switching to HTTPS provides other SEO benefits. One of these is additional security. Having HTTPS with SSL certification verifies communication between your site and its server. This encrypts communication and data such as credit card details and user browsing history.
You also benefit if you use the Google Analytics Dashboard plug-in for WordPress. With HTTP, you may see traffic that passes through referral sources as direct traffic. Having HTTPS preserves the security of the referral source in Google Analytics.
How to Apply HTTPS and SSL to a WordPress Site
The first step to adding HTTPS to your WordPress website is buying an SSL certificate. This is typically procured through your hosting provider. Although free options are available, they usually cause a security error for users because they’re designed more for private usage. After buying one, it needs to be installed on the server that your website uses. Next, you can install WordPress as normal and change the URL to “https://”.
However, just setting up the WordPress SSL certificate and changing the URL isn’t enough. You might need to make some tweaks to a few of your web pages.
Second, you must ensure that your server redirects requests for HTTP to the new HTTPS.
Finally, update any CSS, JavaScript and images to use the new protocol. You have to do this because a lot of browsers don’t allow HTTPS sites to transfer these files via HTTP.
Contact Turkey Burg for WordPress Management
If you have a WordPress website but don’t know how to make these changes yourself, you need someone who can. We’re here to answer questions if you want to learn more about why your WordPress website needs SSL. Even if you’re not running a WordPress website, SEO and audience trust are two important pieces to any website execution plan.
As a full-service marketing communications consultancy, Turkey Burg provides dedicated marketing and website management to keep your business relevant and secure. All we need is initial direction from you. Then you can get back to focusing on your business while we oversee the changes for your site. It’s a worry-free process for you.
Learn more by viewing our website portfolio.
Don’t let your WordPress website fall in Google search rankings or put customer information at risk. Contact us today about upgrading your site to HTTPS or to ask about our other WordPress management services.