Typically all the websites have been using the common http SSL also termed as ‘intermittent S SL’. Do you think it is that safe? The answer is No! Since, it protects only certain pages, like logins and transactions and the remaining site is completely exposed and vulnerable to attacks. It doesn’t provide any protection against data theft or hacking and is similar to the situation when in a bank you lock the main door and keep the lockers open.
The major search engine Google also is encouraging the use of https for every site, and few days back in one of its blog posts it mentioned that ‘We hope to see more websites using HTTPS in the future,” and also that “Security is a top priority for Google.” “We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google” wrote Bahajji and Illyes.
Google cares about security and to back the use of https has also announced to reward that completely secure websites will rank higher. The plan is to give more weight or better search ranking results to sites that are HTTPS encrypted.
So does https will affect search rankings? Yes, but probably not that much as Google described HTTPS has a “very lightweight” signal affecting very few searches. This is what it said – “For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web. “
As part of its efforts to encourage the use of HTTPS for sites, Google will publish detailed best practices for the strategy in the coming weeks to help make TLS adoption easier, wrote Bahajji and Illyes. However, they have mentioned some basic tips to get started.
- Deciding what kinds of certificates they need, whether they are single, multi-domain or wildcard certificates, while also ensuring they use 2048-bit key certificates
- Use relative URLs for resources that reside on the same secure domain
- Use protocol relative URLs for all other domains
- Website owners should also set up their HTTPS sites so they don’t block crawling using robots.txt
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag
In all aspects it seems wise making a move from an “http” site to a fully “https” secure site. This way we can 100% ensure that every interface we had with every page of the website is completely encrypted. The cookies store a user’s session, protecting login and transaction areas alone doesn’t prevent hackers from stealing them and then using them to reestablish the website sessions and gain access to all kinds of sensitive data.
However, there is also a flip side to using https. The number one disadvantage can be that it is very costly as it requires the installation with an entrusted server and there your identity must be validated. The famous SSL providers charge exorbitant. Another downside that we could consider is how the websites perform; using HTTPS for a web request will be relatively slower than using HTTP. There would be more intensive CPU usage, required. Other downside is a lack of caching which will obviously affect speed. So, where there are some cons to using https there are pros as well of using the SSL. It is particularly required when there is a need of giving personal information. If you have a trust seal, definitely your customers will trust you even more and your business will be safe.