Not moved to HTTPS yet? Best get your skates on

Getting on with search engines.

Ten months after it was announced by Google, it looks like the secure web is here to stay. And about time too.

Security is key to protecting users on the web, especially in a world full of hack-attacks and compromised data. Going forward TLS support will become the standard for all communications across the Internet – so why are so many web-sites still using insecure communication?

It’s odd that so many of the top agencies in the UK still refuse to move their sites to TLS/HTTPS and we don’t have a straight answer why. After all, it’s not hard to do and if you really have the best interests of your customers and their data at the centre of your communication is seems mad not to.

Wikipedia using httpsIn August last year Google announced it was to favour the HTTPS method (versus HTTP) of accessing all of it’s services and encouraged the outside world to follow suit. We’re now starting see the big boys move over to using secure comms. Recently, WikiPedia recently moved to “HTTPS all the time” after concerns over government (not necessarily our own) surveillance.

Going secure with WordPress

We published a short article at the end of last summer covering the hows and the whys for us as our last insecure digital service moved over to TLS. It was important to us, and to our clients’ need so we even offered a fixed-price migration service to existing customers and every new client since then has gone TLS, as it’s called.

More recently (Jan 2015) we discussed the pros and cons of going secure and whilst we actually said there was was no rush we made it clear you should have a plan.

If you have that plan, it’s time to execute it. We’ve banged on the secure drum for years now, as have Google and others, to little effect. I suspect Google just tipped the scales in the direction of HTTPS and suspect there will be a headlong rush into “going HTTPS”.

After the success of Google bullying everyone into using responsive sites 2 months ago I strongly suspect they’re just going to get on with it.

If you’ve got a WordPress-site and need a hand to go TLS then give us a shout – we’ll have you sorted in no time at all. Or you can access the Google Dev document on TLS, and remember to tell Google about it, properly.

Interestingly, when we last checked in January ’15 just 2 of the top 50 WordPress agencies in the UK were using HTTPS. A check today shows this number has grown 300% to 6, including WordPress themselves and one of their wholly-owned subsidiaries. It’s an improvement, but a poor showing for remaining 43, I think.