It’s Time to Migrate Your E-commerce Site to HTTPS (Here’s How)

When we talk about the connection between SEO and website security, one of the first points typically mentioned is the importance of an SSL certificate. Of course, there’s more to maintaining an e-commerce site’s security than an encrypted and secure HTTP connection. However, with changes Google made with its recent release of Chrome 62, this is one security measure you can no longer afford to bypass.

Google now marks all HTTP pages with data entry fields collecting any type of personal information as “Not Secure” when visitors:

  • first enter the site
  • attempt to enter data into a form field
  • view a page in Incognito mode

 

It is Google’s mission to create a safer web, and they suggest that an SSL certificate is necessary site-wide. As was explained in the Chromium blog announcement, “Passwords and credit cards are not the only types of data that should be private. Any type of data that users type into websites should not be accessible to others on the network.”

One of the ways Google is creating a safer web is by penalizing websites that remain on HTTP with this security warning. There could be serious ramifications for e-commerce sites, in particular, that don’t abide by Google’s strongly suggested change. So, let’s talk about how you can add an SSL certificate to your site and swiftly migrate to HTTPS, which will help you hold on to your current customers’ loyalty and trust while also instilling a sense of security in new visitors.

Here is how to do it:

1. Know Which Type You Need

All SSL certificates are not created equal – so you need to know which would be the best choice for your business. There are three types of SSL certificates you can choose from:

  • Domain Validated Certificate
  • Organization Validated Certificate
  • Extended Validation Certificate

Because e-commerce sites need (and want) to gain the full trust of customers, you shouldn’t skimp on security. For this reason, you should consider investing in an extended validation SSL certificate, which, of the three, provides the highest level of trust and security.

2. Buy the SSL Certificate

Before running out to buy an SSL certificate, check with your web hosting provider or shop builder to see if they offer one with your hosting plan. For example, Shopify forces HTTPS for all stores hosted by them. If you do have to look elsewhere, check with a CDN and security provider like CloudFlare or one like Comodo that specializes in e-commerce security.

3. Migrate Your Site to HTTPS

Your web hosting provider should have an area in the control panel where you can upload your SSL certificate (for example, here’s WP Engine’s explanation on how to do this on WordPress). Once it is installed, your entire site will instantly move over to HTTPS.

4. Add a 301 Redirect

Migrating to HTTPS at the server level should migrate your entire site, including image paths and internal links. If that doesn’t happen, however, your store could be in serious trouble. A “Not secure” warning isn’t good for business, but a mixed content warning that blocks users from accessing your store is downright bad. Don’t let that happen. Be sure to create 301 HTTP redirects to ensure that all content on your site is served through HTTPS.

5. Activate HSTS

There is no way to inform customers that you’ve made the switch to HTTPS, so you need to activate HTTP Strict Transport Security, or HSTS. This will automatically redirect everyone to your new secure site path. You can do this through your web server.

6. Update Google

Both Google Analytics and Search Console need to be updated with your new https:// domain. Once you’ve updated your accounts, create a new sitemap (for both desktop and mobile) and send to Google to re-index.

7. Test

With your site migrated and Google notified, make sure Google has re-indexed your site in its new HTTPS state and that everything looks fine. You can do this by using Fetch as Google (probably wait a week or two to do this).

As the owner of an e-commerce website, you’re well aware of how many points of engagement you hope for with customers. If your site currently remains on HTTP and your visitors arrive from a Chrome browser, you may be compromising your ability to safely communicate with them. By migrating to HTTPS and adding a new layer of encryption to your store, you’ll give customers just one more reason to trust you.

About Endicia

Endicia is a leading provider of internet-based postage services that make it easier and more affordable to ship parcels through the U.S. Postal Service®. We know that shipping can be complex and our goal is to simplify your shipping operations so you can focus on doing what you do best. Visit us at endicia.com to learn more.

Ramon Ray

He’s a bestselling author, event producer, journalist, technology geek and speaker. In short, he is simply passionate about helping small businesses thrive. Ramon actively pushes his readers and listeners past their comfort zones, leaving them with the tools and the mindset for taking their business to the next level.

Share
Published by
Ramon Ray

Recent Posts

How to Navigate the CUPW strike 

12-17-24 Update Effective December 17, 2024, Canada Post resumed operations and will be accepting new…

4 weeks ago

USPS HOLIDAY SHIPPING RATE INCREASE STARTS OCTOBER 3

The United States Postal Service (USPS) is temporarily raising rates for select package services from…

3 months ago

 2024 USPS Rate and Service Changes

Last updated September 10, 2024 At least once a year – and sometimes multiple times…

3 months ago

How Carriers Like FedEx, UPS, and USPS Are Turning to Dynamic Pricing

This year, we have seen fixed pricing on postage rates is becoming less common as more…

4 months ago

What Are Demand Surcharges and How Do They Affect Your Mailing & Shipping Costs?

What are demand surcharges? Demand surcharges are extra fees that shipping carriers add during busy…

5 months ago

 2023 USPS Rate and Service Changes 

Welcome to our United States Postal Service Updates blog, the hub for staying in the…

1 year ago