15.9.2018

HTTP vs HTTPS - 2 important reasons why one is better than the other

HTTP vs HTTPS, which one won? - Well of course HTTPS!

Today, there is no longer any reason to maintain a website without SSL encryption. To establish an HTTPS connection, you need a digital certificate, provided by a "certification authority" (CA). An SSL connection is a connection protocol used to secure the network connection between the client's computer and the server. SSL stands for Secure Sockets Layer.

In HTTP vs HTTPS, HTTPS takes all the way. It increases website security and it also improves your website's ranking in search engine results. For example, Google has said that it prefers SSL-encrypted websites in their search results. Google's Chrome browser even warns users if their pages do not have SSL encryption enabled.

Why do you need SSL encryption?

For example, when using an online bank, it is very important that any connection between the computer and the server is secure to prevent customer data from falling into the wrong hands. When a computer's web browser connects to a web page that supports encryption, others on the same network are unable to read the data between the computer and the server. The lack of SSL security on login pages is a major security risk.

Increasing conversion with SSL encryption

According to a GlobalSign study, up to 80% of all customers would not complete their purchase in an online store without an SSL encrypted connection. The main concern for these customers is the loss of their credit card details. Without SSL encryption, it is very easy for them to fall into the wrong hands.

How do I know when a connection is protected?

When the website address starts with the letters "HTTPS://" instead of "HTTP://". Most browsers now warn you if a site is not secure.

Always check the address of the website before logging in to any service! A login through a HTTP-only connection sends your login ID in plain text to the server, so any other proxy between your device and the server will see your ID.

Improve your site's ranking in search engines with an SSL certificate.

Data security is the main reason to get an SSL certificate, but it also has other benefits. For example, Google's search engine prefers websites that are SSL-secured. So if a company offering online services sells search engine optimisation, it should always include the installation of SSL security!

Also read our WordPress search engine optimization guide!

Where can I get an SSL certificate?

You can get it for free from Lets Encrypt. Lets Encrypt's free SSL Certificates are one of the biggest reasons why SSL encryption is becoming more and more popular around the world. The importance of cybersecurity is becoming increasingly important as all the services people use move to the internet.

How do I install an SSL certificate on my website?

If you are already familiar with managing your website, it shouldn't be too difficult to implement SSL encryption.

Buy a new SSL certificate from a trusted service provider or get a free certificate through Lets Encrypt.
Take a full backup of your website in case something goes wrong.
Install the SSL certificate according to your provider's instructions.
Change your website address to point to a new link that is already HTTPS. (For example, in WordPress: Settings -> WordPress Address (URL) and Site Address (URL))
Update all external links that you manage to point to an HTTPS address again. (For example, a link to a Facebook page or a link to a Google My Business site.)
Make a HTTPS Redirect rule on your web server to route all traffic to your website through the HTTPS address.
For search engine optimization, it is important to set 301 Redirect settings for each page separately. (this is a trick of advanced search engine experts)
Check all your digital marketing links. Also check the links used in the email distribution.
Update the HTTPS link to Google Search Console, as well as Google Analytics.

If your website is huge and has many different subpages, I recommend you ask an external search engine optimisation company for help. But if your site is relatively small, and the instantaneous counting of search engine results is not important, you can do all this yourself without worry.

HTTP vs HTTPS - a direct comparison

HTTP	HTTPS
Does not protect traffic between the browser and the server.	Secure traffic between the browser and the server with an SSL certificate.
Suitable for use on information pages where the content is static and the user does not need to log in or fill in any other information on the page.	Recommended for use when there is an option to log in on the site or in the case of an online shop.
Does not improve your ranking in search engine results.	Improve your ranking in search engine results.
The connection goes through the web server on port 80.	The connection goes through the web server on port 443.
New browsers will mark the site as unsecure.	More than one web browser means your site is protected.
Use of AMP protocol blocked. (Accelerated mobile pages).	You can use the AMP protocol.
The site is less trustworthy in the eyes of visitors.	Increases the reliability of your site and thus improves conversion.
No SSL certificate required.	Requires a signed SSL certificate to work.

Summary

An HTTPS connection can occasionally be slower than an HTTP connection, but countless procedures to optimise the loading speed of web pages fully compensate for this. Apart from this, I can find almost no other reason not to use SSL encryption on a website. Today, more and more web hosting providers offer a free SSL certificate, which is automatically installed when you purchase a web hosting service. It's not difficult to set up SSL encryption and a good provider will set it up for you for free. However, it is good to understand what is at stake and why SSL encryption is important. So the clear winner in the HTTP vs HTTPS battle is HTTPS!