Secure websites now or face the consequences that can occur in the future. Oh, you already have? Wonderful! But if not, then listen up. You need to know the reasons why.
What Are Secure Websites
Time is running out for you to change your website to a secure website. What do I mean when I say that? Let’s first take a look at your URL for your website. Does it start with http://? If so, then your website is not secure.
Having a secure website means that your URL will start with https://. See the difference? The little s at the end of http is an indicator that your connection to the Web is secure and any data on your site is encrypted. That “s” is part of technology that stands for Secure Sockets Layer.
According to ssl.com, their definition for SSL is:
SSL (Secure Sockets Layer) and it’s successor TLS (Transport Layer Security) are methods used to secure and encrypt sensitive information like credit cards, usernames, passwords, and other private data sent over the Internet. Website pages secured with SSL and TLS are those branded with the HTTPS in their URL address.
Why You Need a Secure Website
By now, you are probably wondering, “So what is the big deal? Why does my website need to be secure?” Let’s put it this way. If you collect information from clients through a form, you need to ensure that hackers cannot access that information. That information includes username and passwords, credit card numbers, or any other data that needs to be kept private. This not only protects you, but also your clients.
***Disclosure: This post and our website contain affiliate links and I will be compensated if you make purchases using them. Please see our affiliate disclosure.***
Since I need to update our four websites so they are secure, I went to my web hosting company. I have been with Bluehost since 2008, and they have provided comprehensive customer service and support. I needed to do my own research on what SSL certificates are and what types they have.
Driver of Secure Websites
So who is the driver behind everyone needing to switch to secure websites? Chrome. Who is Chrome? Chrome is a freeware web browser that was developed by Google in 2008.
So let’s dig a little deeper into the reasons everyone should switch. I read that in the beginning of July of this year, Chrome will tell EVERYONE that you have a non-secure website if you haven’t made the switch by then. How will Chrome do this? You may have already started seeing this. Right now, it looks like the image below. (www.borloktranscription.com is one of our other websites).
In July, Chrome is going to be updated to Chrome 68. Then, not only will you see the icon where the arrow is pointing (called the omnibox), Chrome is going to actually display the words not secure as shown below:
So your next question should be, “in order to become secure, are there different types of certificates I can get that don’t cost an arm and a leg?” Let’s examine the types of certificates that you can get. Of course, if you have other web hosting or want to use a third party, you can do that too.
According to Tatyana Svechkar on LinkedIn,
SSL certificates can be divided into 3 validation groups:
1. Domain Validation Certificates (DV):
Requires a certificate applicant to prove his/her control over the domain name only. The issued certificate contains a domain name that was supplied to the Certification Authority within the certificate request.
2. Organization Validation Certificates (OV):
Requires a certificate applicant to prove that his/her company is a registered and legally accountable business, and to pass domain validation. The issued certificate contains a domain and company name of the certificate applicant.
3. Extended Validation Certificates (EV):
Includes validation requirements of two validation types mentioned above and additional requirements. The issued certificate contains a domain and company name of the certificate applicant. It is worth mentioning that only Extended Validation certificates display a green bar with an owner’s company name in web browsers.
You may want to check with your web host to see if they offer the WordPress Free SSL. At least on Bluehost, they break the SSL certificates down into Positive SSLs, Positive Wildcard SSLs, Comodo SSLs and Comodo Wildcard SSLs.
Steps to Secure Websites
Getting secure websites is a multi-step process. Let’s take a look at the bulletpoints for the various steps for securing websites and add them below:
- Do your research. It can be costly in terms of time and money if you attempt to do anything when you don’t know what you are doing.
- If you have WordPress, locate your username and password to log into your website. You need to make sure that you have them written down somewhere where you can get them quickly because the link you use to log into your account will change.
- Backup your website. This would be a full backup. If you don’t know how to do this, get help from your web host.
- Purchase (or get your free) SSL certificate.
- Install your SSL certificate. If you need help with this, I would recommend starting with your hosting company first for support.
- Change Your Website’s Links – All of the links on your website will change from http:// to https://. This includes changing permalinks (even on WordPress). If you are like me, you will want to do the technical task of changing the text from “http” to “https” yourself to make sure they are all changed. According to Yoast, you can have a canonical link present in the <head> section of your website to properly route all traffic coming in from http:// over to https://
- If you are not using relative links (partial links using only part of a page’s entire url like “/2015/03/update-wordpress.html”), why not take the opportunity now to take time to review all of your site’s content to find links that point to other parts of your own site. Take advantage of this opportunity to switch to relative links now instead of just replacing “http” with “https.”
- Two more steps you need to take are to update Google Analytics and Search Console. In Analytics, you just need to change the Default URL to HTTPS. In Search Console, you’ll need to add the new site with HTTPS.
Final Thoughts on Secure Websites
I am not an expert on what I have presented here, so I don’t have all the steps you need. So I encourage you to do your own research and get web support.
If you are a small business owner and have more than 1 website, start with your smaller website first.
When researching in Chrome, search Google for current content to ensure you are getting trustworthy sites and have the most current data.
Time and money are two more factors to consider when selecting your certificate’s validation level: the higher the validation, the more work and the longer it takes to receive your certificate.
Pam Lokker is a master writer and a virtual assistant professional who enjoys writing. While we are not currently taking on new clients, Borlok Virtual Assistants, LLC has been the place to get global expert VA services with quality and on-time delivery for many years.
Please follow and like us: