Jamie Balfour

Welcome to my personal website.

Find out more about me, my personal projects, reviews, courses and much more here.

Google's great idea of HTTPS

As a web developer, it is becoming increasingly harder to make your website become recognised as number 1 in searches with Google (although I still am the number 1 Jamie Balfour :P ) since Google is making changes all the time to the way they rank websites.

One of these changes that Google has brought across is that of the requirement of a mobile based website. They currently rank websites without a mobile website as being incompatible and therefore rank them lower than ones which do adhere to the standard.

The newest enforcement that Google has thrown at website is that of requiring HTTPS, that is an SSL or TLS certificate, on your website. Now I'm going to admit that I only recently adhered to this due to the fact I was using CloudFlare which did not permit me to use HTTPS (it did provide SSL but the URL did not show HTTPS on it).

This requirement is a good requirement since HTTPS ensures two things. The first of those is to ensure that the website you are visiting is what it says it is, meaning that you are not connecting to a website that is not the one you want to visit. The second reason is that HTTPS ensures that all content is encrypted, so it means that the content you receive is not some malicious JavaScript or whatever and that you get what you hoped for. It also means that if you login to a website the user name, password etc. is all encrypted so no one can just open it. All of this is fairly important nowadays and I'm glad Google is enforcing this across their search engine because if they didn't I don't know who would!

Now I would say that this is a good idea since it means that since my website uses SSL it will be ranked higher. But I also believe this is good because this also encouraged me to implement SSL, even though my website is personal and not necessarily going to be used for transactions. This will benefit me personally for my login system as well as for my blog logins. 

Most importantly, I feel that this is the correct move since a lot of us are now using public WiFi. Before HTTPS became a requirement, any website could use standard HTTP and therefore not encrypt data. On an unsecured public network this data can be read by anyone. This means, for example, anyone in the café that you happen to be in surfing your webmail or visiting some online shop.

There's more in the Google I/O conference here.

Posted in Web Development
google
mobile
enforce
enforcement
push
http
https
io
rules
Comments
Powered by DASH 2.0