Marissa Russman

Internet Marketing Consultant, SEO

The Foundational Elements of Securing Your Website

Although website security has become expected and demonstrates clear advantages, fewer than .1% of websites are HTTPS-secured. There are several measures that businesses can take to ensure online security of their visitors’ data, but oftentimes, standard methods of encryption go unused. Without proper online security, a brand may offer a poor customer experience with data insecurity warnings or endure a security breach. It’s essential to understand the basics of securing your website and the common challenges to improving online security. The following actions can help brands ensure their websites are secure.

Preparing for Website Security: Converting SSL Certificates

The first step to creating security on a website is transitioning your site from HTTP to HTTPS. This is called “Converting SSL Certificates.”

What are SSL Certificates?

Secure Sockets Layer (SSL) Certificates are key to protecting sensitive information and securing an HTTPS site. They create an extra layer of security between a business and its customers and verify to both consumers and Google that a site is a trusted online source. These SSL certificates are granted by online certificate authorities, such as Digicert. The people working there look into the authenticity of a website before issuing a certificate. Once an SSL certificate has been verified, the website will become an HTTPS site.

Switching From HTTP to HTTPS

Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP. It is the protocol over which data is sent between your browser and the website that you are connected to. The “secure” in HTTPS indicates messages between your browser and a website are encrypted. HTTPS protects online transactions such as online shopping order forms and banking interactions.

The risks of security breaches and hackers in HTTP make it wise to transfer. According to Google, converting HTTP websites to an HTTPS format is the preferred protocol for ensuring all online information remains secure. A bonus benefit is the small SEO ranking boost businesses receive when operating under this protocol.

Addressing Challenges With Conversion

As with any site change, problems can arise when implementing these new security protocols. During Rise’s work on website redesign projects, we were alerted to one of the most common challenges of establishing website security: SSL certificate errors. We uncovered two main problems with SSL certificates, how to discover these, and how to resolve them.

Security warning image from https://blogs.msdn.microsoft.com/ieinternals/2009/06/22/handling-mixed-httpshttps-content/
 

Problem 1: Mixed Content

  • Definition: A secure (HTTPS) website contains outsourced content from a non-secure (typically HTTP) site. The secure site will recognize the missing layer of security of the outsourced content.
  • How to identify: Moz Crawl Reports and Google Chrome identify the SSL issue on the site and send an SSL Certificate Error message. Brands can see a “Mixed Content” report in Chrome browser’s JavaScript Console.
  • Example: An image file in an HTTPS site links to an HTTP site, resulting in a non-secure linking connection.
  • How to fix: To determine if your site is experiencing mixed content issues, use the JavaScript Console in Chrome or search for HTTP (or HTTPS) signals in your page’s source code. Once you’ve identified the mixed content, you will be able to either remove the content entirely or properly convert it to the same protocol as your site.



Unreliable certificate error image from http://www.paulc.eu/webcms/modules/smartsection/item.php?itemid=198
   

Problem 2: Unreliable certificate authority

  • Definition: The SSL certificate came from a non-credible certificate authority.
  • How to identify: Error messages indicate an unreliable certificate or domain connection, with messages such as, “Certificate not trusted” or “Your connection is not private.”
  • Example: Some untrustworthy domain authority sites claim to provide a free SSL Certificate, which can lead to frequent problems like customers encountering warning messages that the certificate is not trusted or it ends up being a less reliable, slower source of SSL Certificate layer.
  • Customer Implications:When you have an unreliable certificate authority, customers receive a warning indicating that their personal information may not be secure when visiting your site. This can lower customers’ trust in your brand which often decreases site traffic.
  • How to fix: To correct the unreliable certificate error, you must acquire an SSL Certificate from a trusted certificate authority such as GoDaddy or Digicert. An SSL Certificate through a certificate authority ensures a fast, stable experience for your site visitors.
 

The Bottom Line

When managing sensitive information online, security should be a top priority. If your business has not done so already, upgrading your website to the secure HTTPS protocol will ensure customer information is protected by the security it needs. Large-scale website changes come with challenges including SSL Certificate errors, but securing your website prevents the damage that happens from security breaches and protects your brand with a seamless customer experience.

To receive more information about trending topics in digital media, sign up for our monthly newsletter.

11/04/2016 at 07:42

You might be interested in:

Blog / SEO

Top 3 Site Design Errors That Kill Organic Traffic

Read More

Websites are not meant to be static properties. Updates and redesigns that add useful new [...]

Blog /

4 Best Practices for Improving Email Deliverability

Read More

It’s a marketer’s worst nightmare: After spending days—or even weeks&mdash [...]