Green light indicates doors are secured

Monday, November 14, 2016
mproctor

[av_image src=’https://ambergreeninternetmarketing.com/wp-content/uploads/2016/11/ssl-note.jpg’ attachment=’6517′ attachment_size=’full’ align=’center’ animation=’no-animation’ styling=” hover=” link=” target=” caption=” font_size=” appearance=” overlay_opacity=’0.4′ overlay_color=’#000000′ overlay_text_color=’#ffffff’][/av_image]

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]
[av_textblock size=” font_color=” color=”]

Green Light Indicates Doors Are Secured

[/av_textblock]
[/av_one_full]

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]
[av_textblock size=” font_color=” color=”]
What’s up?

As you arrived on the site today you no-doubt noticed that you were redirected to a secure url and were presented with a wee padlock next to the url.  The Ambergreen site is now fully HTTPS compliant throughout.

But what does that mean?

Well I’m glad you asked.  Basically it means that when people visit our website, the data sent to our server and back is encrypted in between.  On the old HTTP only site, someone could potentially get in the middle of that process and read the stuff being passed between the browser and the server. Now they can’t.

A good analogy is that of passing a note across the room in primary school – your http note can be opened by anybody in the note-passing chain and they’ll know exactly what you’re sending.  An https note can only be understood by the final recipient (as they have the key) – anyone else in the chain will see encrypted nonsense if they open it for a look.
[/av_textblock]
[/av_one_full]

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]
[av_textblock size=” font_color=” color=”]
For our site there are 2 main benefits.  The first is from a search perspective – because Google mentioned back in 2014 that they were rewarding sites that use HTTPS with higher search visibility.  We don’t accept payment details or have external logins, which is why it’s so important for e-commerce clients or businesses holding sensitive data to use SSL certificates, but at least we can be confident that no one is able to tamper with our staff photos.
[/av_textblock]
[/av_one_full]

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]
[av_textblock size=” font_color=” color=”]
Quoth Google:

“HTTPS sites receive a small ranking boost, but don’t expect a visible change. Google uses HTTPS as a positive ranking signal. This signal is one amongst many others, and currently carries less weight than high-quality site content; you should not expect a major SEO advantage for moving to HTTPS in the short term. In the longer term, Google may increase the strength of the HTTPS boost.”
[/av_textblock]
[/av_one_full]

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]

[av_textblock size=” font_color=” color=”]
The “should not expect a major SEO advantage” line was the main reason we didn’t make the migration to SSL a priority.  Anecdotally, I’ve seen little evidence of tangible visibility benefits in search engine results pages, plus we’re typically pretty busy working on client sites in the SEO team, so we sometimes need a kick to remember to spend time on the Ambergreen site.

The kick, and the second reason for migrating is related to Google’s long term plans for Chrome – in January this year they’ll start warning Chrome users when they arrive on a non-HTTPS page that collects passwords or credit cards as non-secure.

This is the first stage of a “long-term plan to mark all HTTP sites as non-secure”.

non-secure-warning

It doesn’t take a UX specialist to figure out that a big red warning shouting “Not Secure” at the top of your site might impact your conversions, and damage your brand, so we set aside some time to get it implemented.
[/av_textblock]

[/av_one_full][av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]
[av_textblock size=” font_color=” color=”]
Bit of tech: We’re using a free SSL from LetsEncrypt (a non-profit backed by some of the internet’s big boys) it’s bang up to date, with strong encryption tech and is set to auto renew.  It was relatively straightforward to implement (compared to battling with Plesk to generate encryption keys via 3rd party providers, it was a walk in the park).  Would recommend for sites like this one (for e-commerce and data-sensitive sites I’d consider extended validation certificates – but for non-transactional/informational sites, it does the job very well.)
[/av_textblock]
[/av_one_full]

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]
[av_textblock size=” font_color=” color=”]
That’s great.  Is there any more exciting news?

Well yes – in addition to the HTTPS, we’re also now serving the site over HTTP/2.

Wow – that sounds remarkably similar to the one you just mentioned.

Yes – it does. But it isn’t.  Our Technical SEO Executive Chris Schofield describes it as “sick”.

It’s a revision of the HTTP standard that ultimately allows the site to load into browsers a lot faster.  Rather than waiting on a load of different requests from a browser as it figures out what makes up the website, our server now goes “here’s all the stuff I think you need” and pushes a bunch of them at the users browser over one connection (standard http needs multiple connections for multiple requests and responses).

That’s why it loaded so quickly when you checked it out this morning.

You can read more about HTTP/2 over here.

So the Ambergreen site is a little faster and a lot more secure.  If you’d like to know a bit more about what’s involved in either of those processes (it varies depending on the type of site you have) just get in touch for a chat.
[/av_textblock]
[/av_one_full]