HTTP2 & SSL

what do you need to know

about http2 and ssl?

If you own a website then Cyber security is a serious business for you. Nowadays we share so much of our private information online that, whether we’re sending an email or doing our online banking, it’s never been as important to know that the page we’re on is secure. The first sign of this is often indicated by that wonderful green padlock in the address bar of the browser, but what about when a page isn’t secure – would you notice? There are some changes afoot in browsers that will help you find out how secure you are, and there are some steps you can take to make sure that your customers know your site is secure too.


Payment gateways

Payments Gateways are all moving to an SSL as a mandatory requirement over the course of 2017. Paypal is the biggest and this happens at the end of June 2017.

This requires at least the website checkout pages to have an SSL in place. Do you need your checkout pages changing to SSL?

Online Security

Improvements

Just recently both Firefox version 51 and Chrome version 56 will start showing warnings when websites served via HTTP – i.e. ones that aren’t using the secure HTTPS version – have a form on them. This means they will actively notify you when they aren’t secure but are asking for your information. The warning will show next to the URL address bar and is part of a long-term plan to show a warning on all pages that aren’t secured with HTTPS.

Until now, when you visited a website using HTTPS you would see a green padlock in the top left of the address bar, but the changes mean it will actually say when web pages collect passwords but don’t use HTTPS, flashing up with a ‘connection is not secure’ warning.

What is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) is an internet communication protocol that protects the integrity and confidentiality of data between the user’s computer and the site.

Users expect a secure and private online experience when using a website. We encourage you to adopt HTTPS in order to protect your users’ connection to your website, regardless of the content on the site.

ENCRYPTED

All transferred data is safely encrypted and therefore makes no real sense to the web hacker as they do not have the key to decipher it.

AUTHENTICATION

This prevents your website from the so-called man in the middle attacks, when a hacker gets full access to the data transmitted between your site and customers, browsing it.

CONTROLLED

Data integrity is controlled, which means sensitive data cannot be modified in any way during the transfer and without being noticed.

ID VERIFICATION

A certificate guarantees the information a browser is receiving originates at the expected domain. It’s a guarantee that when a user sends sensitive data, it’s being sent to the right place.

TRUST

That green padlock indicates that you take cyber security seriously and helps give users confidence in your website and handling of data.

BETTER SEO

It’s no surprise that Google prefers sites that are trusted and certified. This is because users can be guaranteed that sites will encrypt their information for further security.


HTTPS AND SSL ENCRYPTION

We all want our websites to be secure, especially at a time when even the tiniest of vulnerabilities could have such a huge and devastating impact upon day-to-day business operations. ‘Cybersecurity’ is certainly one of the most important considerations for modern website owners, but it’s never been more important than right now. Why? Because Google is about to change the face of online security forever.

What is an SSL?

So what is an SSL, and why does Google think it’s so important? Quite simply, an SSL, or ‘secure sockets layer’, is a protocol that adds an extra layer of security to your website through the use of encryption. And as an added bonus, an SSL also makes sure there’s a direct link between user and website, removing the need for confidential data to travel between one and the other via a third party.

so why use an ssl?

The obvious answer, of course, is because websites without an SSL are set to be penalised with an ‘insecure’ tag by Google Chrome from July onwards, which could significantly affect user behaviour. However, there are actually many ways in which your website could benefit from a little added security:

BETTER RANKING

If your search engine optimisation efforts aren’t quite delivering the results you’d hoped for, consider whether a lack of SSL is the reason. Google prefers HTTPS websites.

COMMITMENT TO SECURITY

We all understand more about online security than before, and many of us are actively seeking to use companies that demonstrate a commitment to safety.

IMPROVED UX

By using an SSL to encrypt user data, you’re being proactive in minimising the risk of breaches. A smooth transaction can really boost customer experience.

LOW COST

There are many, many different ways that you can choose to add extra security to your website, but very few are proven to be quite as cost effective as a low cost SSL certificate.

Your next step?

Unfortunately, while an SSL looks set to be an essential protocol for websites going forward, implementing and setting up a secure sockets layer can sometimes be time consuming, confusing, and downright frustrating. This is especially true given the recent changes to Google’s certificate transparency logs, which maintain a list of all publicly-issued certificates and identify fakes and frauds.

If your website gathers any sort of personal data from users, such as names, addresses, or financial details, then it’s time to call in the experts.

need an SSL Certificate?

We can work with you to set up your SSL certificate in time for changes coming this July. Give us a call 01282 618210 or...


Customer Support

We have over 15 years experience in building websites and everything that goes with them, so chances are we have experienced your problem before and we will know how to fix it! And if we don’t, we will help you find a solution.

We are driven by our clients satisfaction and are passionate about website design, website development and website functionality.

Need Help?

Managed

hosting

We offer a fully managed hosting service so we take care of the server operating system, security patches (heart bleed / poodle etc). We can also manage your content management system (wordpress), extension and plugin updates.

WordpressMagentoSellerdeckLearn more

make an enquiry

If you require a quote, further information or technical support you can send us your details below and we will be in touch with you as soon as we can!