HTTPS, SSL, HSTS and HTTP/2 – What do these mean and how do they affect your website?

So Many Acronyms!

The world of websites and digital marketing is full of acronyms, with HTTPS, SSL, HSTS and HTTP/2 being some of the newer additions to the list. As we are digital marketing experts – we can dig down into what these mean and why they’re important for your website.

HTTPS

Stands for HyperText Transfer Protocol Secure

HTTPS can be defined as a more secure version of HTTP, keeping user passwords, card details and other personal information safe when a user enters them on a website. The website server and the internet browser you wish to use, are able to send each other messages only each other can read, meaning third party users, hackers and anyone else are unable to eavesdrop on any individual user activity.

Important: From July onwards, Google Chrome will mark all HTTP sites as “not secure” with version 68 warning users about this with an additional notification.

Example of a nonsecure website

As discussed in our previous HTTPS update blog, here are some of the advantages of HTTPS;

Security and Privacy

  • Protects against third party spies and hackers
  • Encryption of all communication – including URLS, browsing history and credit card numbers

Improved website rankings

  • HTTPS websites are able to load much faster than HTTP, which is an influential ranking factor.
  • Studies have found a correlation between HTTPS websites and higher search rankings, however as more and more websites adopt HTTPS this may be less of a significant change.

Potential increase in conversions

  • Several studies have shown that 80%+ of website users would abandon a purchase if their data was sent over a HTTP website.
  • Website insecurity loses consumer confidence and trust – potentially impacting sales for ecommerce websites
  • When HTTPS is in place – users are much more willing to provide personal information including basic enquiry forms.

SSL

Stands for Secure Sockets Layer

In order to move your website over to HTTPS, you will be told that you need something called a SSL certificate. This is an encryption protocol and is responsible for the transport of data between the website server and the user. This encryption is essentially what transforms your HTTP website into the HTTPS version.

HSTS

Stands for HTTP Strict Transport Security

The HSTS policy, which was launched in July 2016, is implemented in conjunction with your move over to HTTPS. It’s not enough to just redirect your website over to HTTPS, the HSTS policy steps in and ensures the server only loads resources in your domain over HTTPS, and not over the old HTTP version. This forces all browsers to use HTTPS only, meaning no unencrypted information is sent over your old HTTP version.

HTTP/2

This is what we consider to be the next step to HTTPS. HTTP/2 is primarily designed to enhance communication efficiencies between the client and the server, with the added security of HTTPS. You cannot have HTTP/2 without the implementation of HTTPS, and we’d recommend this is implemented for any website owner wanting to keep up to date with modern-day internet usage requirements and trends. For example, unlike HTTP, the HTTP/2 optimises performance and security experiences for mobile users.

HTTP/2 is not just beneficial for individual websites – the potential for it has global benefits. With enhanced data communication efficiencies, underserved geographic locations across the world will be able to receive more resources and bandwidth, and network congestion for all users can be reduced. There are also financial benefits, as HTTP/2 can reduce operational expenses for telecom providers, resulting in cheaper internet for everyone – hooray!

Written by Bethany Weatherhead