Some websites are Secure, and some area shows in Google Chrome as ‘Not Secured’. Is it important? Does it make that much difference, particularly if your site is not commerce, and not even processing any forms? Let’s discuss SSL and HTTPS to find out why it is important.
You should have a HTTPS Website – even if not Commerce
Your website should be HTTPS – “but we aren’t a commerce site, and we don’t have any forms”. While this is the usual thought process about websites, and about the reasoning for having HTTPS, it’s not longer the correct method to use. It’s kind of frowned upon. If you don’t have security, you haven’t “bothered”; that’s how Google and others see it. That’s the thought from many out there, considering SSL is now free for the basic level of certificates and installation. There was a time with SSL would be £25 per year – those days are thankfully long gone.
Secure Websites make Safer Websites
If you are visiting a website, you want to know you are looking at it safely and securely. That the information being sent to you cannot be seen by others, that it is encrypted. It’s not just about carts or forms either. It’s about being hidden and private. Above all, Google just prefers it, and your customers don’t get that horrid “Not Secure” notice in the browser, then it’s as though you don’t care for others security browsing your site.
We have never been asked by a client to make the site secure, as they always assume (quite rightly) that we will as part of the course! It’s our job as the designer to make sure the site runs correctly, and is safe and secure. All our website hosting is SSL as standard. If the owner doesn’t want that, we ask why? Sorry but these days security is high priorities for customers’ websites.
Where did SSL Websites begin?
Years ago it was only for commerce websites. This is true. The cart, adding to cart, forms etc were all secure. Then came contact forms and people liked to know they were emailing safe and securely, but eventually Google decided that HTTPS comes first. Checkout this page from 2014 to highlight when SSL became an issue and a requirement (this link with open in a new tab):
The issue then comes if your site can load with HTTP and HTTPS. In other words, if the website loads as insecure and secure. It’s worse. why? If we said to Google https://thislovelywebsite.co.uk is a site, but you can also see it at https://thislovelywebsite.co.uk, Google (believe it or not) sees it as TWO websites; this is the truth. There are easy fixes for it, but it requires back end code. WordPress can handle it, but not in the most efficient way.
You need one website that’s secure – not multiples
So you have to ensure that the HTTP points to the HTTPS, so Google only sees the HTTPS version. Else, you are basically spamming. If you aren’t too tech, this means little to you. But if you are a bit, then it’s serious. If you aren’t sure, let us know. We’d be happy to quickly look for you.
The site you are looking at now use to be HTTP. Then we converted to HTTPS a number of years ago. If you go to https://www.79design.org.uk, you will see it directs you to the https version. If yours can be opened with and without the https, let us know.
So when someone says they don’t need security because they are not commerce – with respect, they don’t understand the importance of it. Contact us on 01775 894479 and let’s discuss your website’s security, and get your Google position improved, and your customer’s experienced, nailed!