Some of you out there may not be computer geeks, but it´s immensely important to surf the Internet safely, following some protection requirements that make information sent between the browser and the server encrypted. You should know some of the basic definitions first. Before, sites where called HTTP, which meant “Hyper Text Transfer Protocol”, which sent information between browser and server in plain text. Nowadays, with so many hackers breaking in and stealing vital information, the “S” at the end was added, and what did that mean? Secure, and that´s exactly the difference between them.
While using HTTPS servers, the information sent between server and browser is encrypted, which means that if a hacker breaks in, he would not be able to understand the information he stole. HTTPS servers are regularly related with online banking and shopping, browsers that deal with vital personal information. However, more and more websites are using HTTPS because of the trust message it sends to users; also because of the pressure some browsers such as Google put into them.
With the new Chrome version 62 coming up next month, Google has changed the way of handling HTTP sites; any non HTTPS websites were blacklisted as “Not Secure”. Do you remember that green padlock that suddenly appears when you enter a website? That means that the site is secure.
We have two security protocols that the HTTPS pages usually choose: SSL (Secure Sockets Layer) or TLS(Transport Layer Security). When the famous SSL handshake takes place, it means that all your information is encrypted.
What truly happens next month?
Google, in order to give some punitive incentive to the websites that handled input text and are still HTTP, will show the “Not secure” message to the users in the address bar. This message means that any information you put in can be taken from you by hackers. Google is starting to adopt a policeman role in this subject.
Does this affect my website?
If you have any text input, such as login panels in which you have a user and a password, it does affect you. Everyone that enters your website will see the “Not secure” message, which will give them a not trustable image of your site, persuading the users not to go in your webpage.
How to get a SSL certificate?
Normally you would have lots of options to get it, most of them have the option that generates a Let´s Encrypt certificate. To gain this certificate, you ought to be the website´s administrator, then, you need to know what operating system you´re using, afterwards you go to the Cerbot Website, follow the instructions and you´ll have your certificate, then take care of the mixed content warnings and verify your site on the Google Search Console. Finally, you submit an updated sitemap with the new URL.You have paid certificates and free ones, but they all have the same security level encryption-wise.