Google has been saying for a long time (two years or so) that your website’s security is important.
First, they (and most browsers) started shaming websites with a small security warning in the browser URL bar. Google Chrome, among other browsers, have been doing this for a while already. It looks like this:
But starting in July, the warning will look like this for everyone who visits your site using Google Chrome (60% of the internet):
Making sure your website is secure (https) isn’t going to be optional anymore. Once Google Chrome does something, most of the other browsers take note and follow suit with their own upgrades.
You need to make sure the connection between you and the customer is secure.
Google security announcements
Hopefully this isn’t the first time you’re hearing about Google’s security warnings. If you want to read about them from Google’s blog, here are a couple key ones (and here’s a link to Google’s security blog so you can stay up to date):
As a rule, if Google starts using something as a ranking factor (and they announce that), we take it seriously – and so should you. Especially if it can be done semi-easily.
Why should you switch your site over anyway?
You’ve been through this before.
Remember Mobilegeddon? Here’s a refresher: Google rolled out an algorithm that gave a ranking’s boost to mobile-friendly sites. What if you were one of the many unfortunate sites who wasn’t mobile friendly, but still used AdWords?
Their AdWords results aren’t the best. But, you can choose the device you want your ads to show on – so it wasn’t all bad.
Lot’s of industries still don’t have mobile-friendly sites. One that comes to mind is commercial construction. Business just isn’t done (currently) online. But, they wouldn’t be running ads to bring in customers on AdWords.
If you are, the security warning is going to be bigger than switching to mobile. Your customer, regardless of age, values their safety – specifically their personal information’s safety.
The majority of your customers won’t understand the warning message. They’ll think the message means your site has been hacked and is unsafe to be on.
Remember all the huge security breaches in recent years?
Quality is big in your line of work. If someone goes to your website and they get a warning that your site isn’t secure, what does that say about your business?
We both know it might not say much about your actual work. But think about it from their view, if your website isn’t updated, what about your work?
Lots of times, your website is the first impression your customer has of you.
Protecting your site and your customers’ information
The most obvious option is switching your site to secure. To do that, here’s the process:
The Process In A Nutshell:
Buy a security certificate
Security certificates are offered by a couple key vendors and come in a couple different types. Search for one that’s right for your business and gives your site the protection it needs.
Install the security certificate on your server
Making sure the security certificate is installed correctly is important. The certificate you purchase should have instructions on how to install properly.
Update your .htaccess file
Your .htaccess file tells browsers how to look at your site, and they won’t know they’re supposed to show the secure version unless this file is updated.
Set up redirects from unsecured to secured pages
One of the most important parts of installing a security certificate is making sure it covers all your websites pages. A wildcard redirect on your server should cover everything.
Update internal links
Every link on your website needs to be updated to make sure it’s directed to the secure version. This is going to be very tedious, but it’s necessary for the security certificate to perform correctly.
Update all internal site resources
You can violate the security on your website by having unsecured pictures and resources loading on your newly secured site. The same way you go through all the links on your site, you’ll make sure all the pictures and resources are loading from secure servers as well.
Update your website’s sitemap
Google uses this file to know what pages are on your website and what importance they have. Make sure you don’t forget this commonly overlooked step.
Update robot.txt file
Google and other tools need to know you’ve made the switch to secure. Updating your robot.txt file will make sure they know.
This makes sure your site appears how it should in search engines. Head to your Google & Bing Webmaster tools to “fetch & render” the new version of your website.