Glossary
security
HTTPS
Definition
The secure version of HTTP, using encryption to protect data between websites and visitors. Indicated by a padlock icon in the browser.
What is HTTPS?
HTTPS (HyperText Transfer Protocol Secure) is the secure version of HTTP, the protocol used to send data between your browser and websites. HTTPS encrypts this data, protecting it from interception.
HTTP vs HTTPS
HTTP
- Data sent in plain text
- Can be intercepted and read
- No security verification
- Shows "Not Secure" warning
HTTPS
- Data encrypted
- Cannot be read if intercepted
- Certificate verifies website identity
- Shows padlock icon
Why HTTPS Matters
Security
Protects sensitive data like:
- Login credentials
- Payment information
- Personal details
- Form submissions
Trust
Visitors see the padlock and feel safer. "Not Secure" warnings drive people away.
SEO
Google confirmed HTTPS as a ranking factor. Secure sites rank better.
Functionality
Many modern browser features require HTTPS:
- Geolocation
- Camera/microphone access
- Service workers (PWAs)
Compliance
GDPR and other regulations effectively require encrypted data transmission.
How HTTPS Works
- You install an SSL/TLS certificate on your server
- Browser connects and receives the certificate
- Browser verifies the certificate is valid
- Encrypted connection established
- All data transferred securely
Getting HTTPS
Free Options
- Let's Encrypt (most hosts offer this)
- Cloudflare (free tier includes SSL)
Paid Certificates
- Extended Validation (EV) certificates for maximum trust indicators
- Wildcard certificates for subdomains
- Rarely necessary for small businesses
Migrating to HTTPS
- Get SSL certificate
- Update internal links to HTTPS
- Set up 301 redirects from HTTP
- Update Google Search Console
- Update external links where possible
Most hosts make this simple. If your site isn't on HTTPS yet, that should be an immediate priority.