Published on January 30, 2017
Serving a site securely over a HTTPS connection with the green padlock in the address bar—enabled by SSL/TLS Certificates—is a fundamental requirement of the secure web. Not only do HTTPS sites increase visitor trust, but they can also help prevent information compromise and even improve how quickly and how many visitors you can serve.
HTTPS is Faster and More Efficient
HTTPS offers a very big benefit you may not be aware of—or even contrary to what you heard in the past: speed.
While HTTPS used to require more more resources to match the non-secured HTTP speed, that’s no longer the case. Thanks to the newer HTTP/2 protocol, HTTPS sites should serve faster on properly configured servers.
Furthermore, faster sites improve user engagement. Anecdotally, we’ve seen increases of approximately 10% in organic traffic and 20% in page views for every second you cut from a page’s load time.
Why? Speed plays a big role in keeping visitors on your site. If a site loads slowly many users—especially mobile—will quickly get frustrated and leave. A great target page load speed is 2-seconds or less, sub-second page loads are even better.
The fraction of a second difference that a HTTPS server can shave off can help you reach those targets.
HTTPS Warnings have Arrived
But if speed alone isn’t enough, changes in browsers should make you reach for SSL today.
Both Firefox and Chrome, used by more than half of web visitors, have begun warning users on sites that don’t use SSL for pages with logins or that take payments.
Chrome security engineer Emily Schechter wrote about SSL last September. “In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as ‘not secure’ in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.”
That “eventually” arrived when Chrome 56 started rolling across the web last week.
If you don’t serve your site over HTTPS, your web visitors will be warned about insecure sites and eventually see a red-triangle warning. Your sites will look broken and untrustworthy. This even applies to the people just logging into your back-end content management interface.
Easily Serve Your Sites via HTTPS Today
Buying and installing SSL Certs typically means a painful back-and-forth experience with arbitrary waiting periods and coordinating between multiple people. But in MODX Cloud, it’s refreshingly hassle-free, and doesn’t require anything from anyone other than a few clicks and about a minute of your time. Done.
Like seat belts and airbags for cars, I think we will look back in the near future and wonder what people were thinking not using HTTPS for sites. HTTPS’ day has arrived.
Log into or sign up for a free trial and experience how simple HTTPS can be.