HTTPS, the secure version of HTTP, encrypts the connection between a visitor's browser and a website's server, protecting any data exchanged between them — from login details to payment information. Sites using it show a padlock icon in the browser's address bar; sites without it are increasingly flagged as "not secure."
How HTTPS Protects a Connection
- Encryption — scrambles data so it can't be read if intercepted in transit
- Authentication — confirms visitors are genuinely connecting to the real, intended site
- Data integrity — prevents data from being silently altered while in transit
Why It's No Longer Optional
- A confirmed Google ranking factor, favouring HTTPS sites over HTTP ones
- Required to process any kind of payment securely
- Modern browsers actively warn visitors away from non-HTTPS sites
- Essential for protecting any login forms or personal data collected on a site
Setting It Up
HTTPS requires an SSL/TLS certificate — most hosting providers now issue one for free automatically through Let's Encrypt. Once installed, a plugin such as Really Simple SSL can handle migrating an entire existing WordPress site from HTTP to HTTPS with minimal manual work.
« Back to Index