Chrome & Firefox now show regular HTTP web pages as “Not Secure” if the page collects credit card data or passwords. What does this mean for you as a WordPress website owner? In a nutshell, it means you should implement HTTPS on WordPress websites now!
Why is it Important to have HTTPS on WordPress Websites?
Because WordPress is a Content Management System (CMS), it requires a password to be able to edit your site. If you’re running on a regular HTTP connection, this means the password is submitted in plain text and is vulnerable to being intercepted. This means you could give your WordPress username/password to someone without even realizing it.
Enabling HTTPS on WordPress (or any other site) encrypts the traffic between your computer and your website. It ensures that you’re talking to the server that hosts your website and that only that server can read the data that is sent. Basically, it keeps your username and password for your WordPress site safe!
Even if you don’t manage or update your own site, chances are you have someone that does. Implementing HTTPS now is important if your site runs a CMS.
What if I Don’t Have a WordPress Website?
However, in the future, these browsers will be displaying these warnings on all Non-HTTPS pages, so you’re going to need to do this eventually. Otherwise, you risk scaring off visitors from your site. Also, it’s likely that sooner or later, other browsers will follow suit. Whether you do this now or later is ultimately up to you.
Finally, in 2014 Google announced that HTTPS is now a ranking factor in their search results. It’s likely only going to become a more important component in the future. So, implementing a certificate on your website could lead to a boost in your search rankings.
It is now my recommendation that all websites that use a CMS, including WordPress, implement HTTPS. The good news is there’s now a service out that offers these certificates for free.
Let’s Encrypt is an initiative that gives you free, automatically-renewing certificates for your site. This takes a couple of traditional headaches out of the process.
- They’re free.
- They renew automatically.
Traditional certificates cost money up front and also had recurring costs involved when it came time to renew. They were also a pain to update when it was time to renew. You don’t have to worry about either of those with these new certificates.
Have questions about the process? I’ll be glad to help in any way I can.