Not so long ago, only e-commerce sites and other sites that handle secure information used HTTPS, the secure (encrypted) version of the protocol for web communications. But nowadays, it is increasingly common for any site to use HTTPS. There are many reasons to use HTTPS on your site, but here are 5 big ones:
A couple years ago Google announced that HTTPS will be used as a ranking signal. This means that sites that use HTTPS will get a small boost in SEO juice. While Google states this will start as a “very lightweight signal” they have stated that they may decide to increase it over time.
Google has announced beginning in July 2018 Chrome will mark all HTTP sites as “not secure”.
The speed test at www.httpvshttps.com shows there is a significant speed advantage for HTTPS. This may be a surprise to some, as historically running over an encrypted connection was considered slower. This has changed with HTTP/2.
All major browsers support HTTP/2, the latest version of the protocol of the web. But there is a caveat – they only support it over secure connections. The speed test at www.httpvshttps.com is really comparing HTTP 1.1 with no encryption versus HTTP/2 with encryption. HTTP/2 offers significant performance improvements, so having your site load over HTTP/2 can improve the page load speed significantly, but it only works if you use HTTPS.
This, of course, is the original and most important reason to use HTTPS. The other reasons are really just nudges to encourage us to make the web more secure. HTTPS connections are encrypted. This helps ensure that no one is eavesdropping on your communications. HTTPS is required for any forms that capture credit card data, and any sites that capture sensitive data including login credentials. It also prevents a proxy from injecting content such as advertising into your site.
Okay, it’s not really a reason to use HTTPS, but it’s a good reason not to not use it. The SSL certificates required to run a site over HTTPS used to be expensive. You can now obtain free digital certificates from the Let’s Encrypt certificate authority. Another free option is to use the Cloudflare CDN.
HTTPS is not a panacea. Just because a site has HTTPS, does not mean everything is safe and secure. There are many threats to information security out there. But HTTPS is becoming a ‘must have’ for just about every website.3 people recommend this