Why switch to HTTPS
This famous little "s" after the common "http" can leave you wondering...
HTTPS (Hypertext Transfer Protocol Secure) is in fact the secure version of HTTP, the protocol by which data is exchanged between your browser and the website to which you are connected.
The "s" at the end of "http" is therefore used for the term "secure". This means that all communications between your browser and the website are encrypted. The HTTPS protocol is used to protect your users' data and sensitive data, such as payment data.
Why should you migrate?
Firstly, it allows to have a safer browsing. The objective here, thanks to this protocol with encrypted connection, is to secure the exchanges. The information being encrypted, they cannot be intercepted.
Thanks to this certificate, the theft of information and data is no longer possible: this secures the data on your site.
Moreover, this is reassuring for Internet users. Indeed, since January 2017, the mention "not secured" appears next to the url of the connection page if the domain is not secured by an SSL certificate. The warning messages are increasingly visible, which can slow down potential interested customers. Trust is essential to continue shopping online. Since 2018, a red warning with the same "not secure" statement is making its appearance.
Finally, this is part of the important criteria taken into account by the Google algorithm for SEO: a site that is not in HTTPS will therefore be penalized. Indeed, 50% of the sites on the first page of Google are secure, so Google references them better than if they are not.
How to proceed?
Here is a list of good practices and pitfalls to avoid:
1- Generate the SSL certificate: buy or obtain this certificate : it is a data file that links a cryptographic key to the information of an organization or an individual, it's free at a registrar or a host.
2- Activate HTTPS on your servers: depending on your server and the language used, you must activate HTTPS with your certificate for it to be effective.
3- Make sure that the internal links of your site will work: check that the links between the pages are in relative format and not in classic format.
4- Remove mixed content (images, scripts that come from HTTP sites). Make sure they offer HTTPS and change that now.
5- Redirect HTTP to HTTPS: perform 301 redirects from all existing URLs to HTTPS to avoid losing your traffic generated today.
6- Add a canonical URL in HTTPS to simplify the migration by Google: This is in fact the final address of your web page. Add on each page of your website a canonical URL in HTTPS, which will tell Google that it is this HTTPS URL that takes effect.
7- Verify that your SSL certificate is effective: as soon as your site is switched to HTTPS, verify that your SSL certificate is installed.
8- Register the new HTTPS link on Google Webmaster: if you use Google Webmaster, submit your website in HTTPS with a new property. Your website in https is considered in search engines as a new site.
9- Change the URLs on your marketing campaigns and social networks: change the URLs to HTTPS on all your advertising campaigns (Facebook, Google Ads), emailing.
Switching your website to https becomes a necessity and will be beneficial for both you and your customers!