We’re Changing the Sites with SSL to Default to HTTPS
With the recent SSL changes to the web, we’ve made it easier to obtain and install SSL certificates on your hosting account. There’s a new SSL interface where you can buy a yearly SSL certificate or enable Let’s Encrypt, a free, open-source SSL alternative. While in the midst of buying, enabling, and installing your SSL certificate, it’s easy to forget to make sure your site serves over HTTPS instead of HTTP. So on April 25th, we’re going to start automatically switching your sites to serve over HTTPS if you have an SSL certificate.
HTTP vs HTTPS: A Quick Summary
HTTP stands for Hypertext Transfer Protocol. This protocol is used to transport media between a client and a server. The client is something like your web browser and the server is what a website is stored on. So, when you use your web browser to visit a website, the interaction is fielded through HTTP. However, HTTP is unsecure. It does not encrypt the data that is transmitted between your browser and the website. This leaves the data open for exploitation. This may not seem like a big deal, but think about the number of sites that use login credentials, store user information, and, of course, process monetary transactions.
To keep such information safe, sites can install an SSL certificate. These certificates operate over a different version of the HTTP protocol. Instead of the unsecured HTTP, sites with SSL will use HTTPS protocol to actively encrypt information that is transferred between the visitor and the website.
The process for installing an SSL certificate on a website usually involved manually switching the site over from HTTP to HTTPS. However, now pair Networks accounts will automatically shift your site over to use HTTPS when you add an SSL certificate. No manual change needed.
So You’ll Be Defaulting to HTTPS Now?
We’ll only be defaulting to HTTPS if you’ve installed an SSL certificate. If you don’t have an SSL certificate, your site will keep using HTTP. However, we do recommend looking into an SSL certificate. Some search engines are now penalizing sites that don’t have them installed. While this should be a smooth transition, some possible issues may arise. If you have issues, you may want to check out our troubleshooting article: I Have SSL, but My Browser Says My Site is Insecure.
What if I don’t want to use HTTPS?
Though we don’t recommend this, if you don’t want to use HTTPS, you can force your site to revert to using HTTP. You can see more about the process of forcing your site to use HTTP in our article, How to Change Your Site From HTTPS to HTTP.
Why do this?
We feel that this feature will make it easier for pair Network users to implement SSL on their sites. As society continues to grow dependent on the web to operate, security has been spotlighted again and again as something that should not be underestimated. We wanted to make it easy for our customers to secure their sites, thus protecting themselves, their sites, and their visitors. We want you to succeed and are happy to supply you with the tools you need to do so.