When you are building a new site these days all the cool kids are building their sites “Secure”.
What does SECURE mean?
Should you build your site SECURE too?
That’s a great question for today!
Back when, all sites were not secure. Everyone had http at the beginning of their URL. Online banking and financial institutions started encrypting the data that was transferred over the internet. That’s so that someone couldn’t just listen in and see your password, social security number and so on.
Remember when Facebook had two different versions? They had a Secure and Not Secure website available for a while. Now when you log into Facebook you’ll notice that the little green padlock and the S at the end of http.
You’ll see that also on Twitter, Instagram and pretty much every social site you visit these days. AreWeConnected.com is Secure too! HTTPS is the bomb!
That secure function comes from…
#1: Listing your site as https: in your WordPress Dashboard,
#2: Listing it as such in your Hosting Dashboard,
#3: Having a corresponding SSL Certificate that matches to your site. It used to be tha you had to pay for these. Nowadays some hosting companies offer free versions. For the DYI types you can even skip the host and do it yourself with https://letsencrypt.org/
Those three items all work together and will get you started. If your site is blank – yeah! You’ll be miles ahead. If your site already has content you’ll have a lot of work ahead of you.
Here’s why. Just because you have done #1 thru #3 that doesn’t mean that the page will render securely. For it to do that, everything that loads, everything that makes the page what it is, all of it now needs to come from a secure server! It’s that chain of security that provides your browser a green lock.
Not getting a Padlock? You might also get a warning from your browser.
Some items that break that chain of security might be simple little scripts, or images that you are pulling in from somewhere else, or old style YouTube embed codes (before YT went secure). Real estate has an issue with this as a lot of site like to use an IDX. That IDX creates pages of homes. The problem with that is that most MLS sites are currently not pushing out that info from a secure server. You might log into a secure server to upload the pics and description into your MLS, but the public side (the part that the IDX pulls from) comes from an http server. Because of this, if you want an IDX and HTTPS on your site right now I would wait. IDX companies and MLS organizations are working on the issue- but until they get it figured out IDX will generally break your HTTPS site.
NOTE: The embedded podcast for this post comes from a secure server. You can see how that’s important, right?
I hope that better explains what SECURE vs Not SECURE means. If you have a question there’s a form below.
Latest posts by Mike Mueller (see all)
- How to “properly” build a WordPress Website - February 13, 2018
- Secure or Not Secure? - February 6, 2018
- What’s the difference between a Domain Name and Hosting? - January 30, 2018