A little bit of statistics: In 2004, Google announced that HTTPS should be used for each site in the web. Google has three main reasons for this shift. This is due to the provision of a secure internet.
Why is it necessary to switch to HTTPS and SSL?
To get access to most sites, enough to use the HTTP protocol. This insecure version of the protocol for transferring data between a web server and a browser on your computer or on your gadget. Remember how you were afraid to enter card details on websites when shopping online? Yes, but attackers are interesting not only credit cards.
Google has identified three reasons for the protection of its site using HTTPS and SSL. These reasons are simple: authentication, data integrity, and encryption. These three reasons provide answers to most questions that webmasters are facing in the process of communication in the web.
Authentication allows you to resolve the issue of verification of ownership of the website. There are people who create exact copies of sites, and seek to divert traffic to it in an attempt to steal it from you. Most often, people know to check for green lock in the browser before entering sensitive information online. You can go ahead and check whether the SSL-certificate to a site with which it is associated.
Data integrity is related to the fact whether the data can be tampered with during transmission. If your site is not protected, attackers can distort the data transmitted from the server back to the client. As a result, the form that the customer fills out and sends you passed hackers.
The encryption associated with the security of communication between the client and the server, so nobody can read the data. It is crucial to many commercial sites. It is always important to protect information that is transmitted during the purchase of goods, it is equally important to encrypt data that is sent via forms.
Why 2017 will be the year of SSL?
Even in 2014, Google said that an HTTPS site will receive an additional signal to the ranking of search results. It’s very good for business, because Web sites often compete for space in the search. Google also said that they will not penalize sites that are accessible over HTTP. Yes, at least, the algorithm will not do.
In September 2016, Google noted that since January 2017 they will be taken into account HTTPS protocol in Chrome 56. If the page does not have a certificate and sends valuable user data and passwords, credit card data, then the page will be marked as unsecure. This corresponds to the Google plan for tagging all HTTP sites as unsafe.
Google conducted a study that showed that visitors do not consider the absence of the lock icon as a warning about unsafe pages. For this reason, Google has decided to take an extra step to notify users and site visitors in a browser that the site, which is visited by people, is unsafe, and entering their data on it is done at your own risk.
In addition, as part of its long-term plan, Google will include here also a contact form. While it’s not so bad, but in the future we will need to take care of switching to HTTPS. 2017 will be a year HTTPS and SSL.
There is no question of whether or not to switch to HTTPS. The question is, exactly when to do it. In 2017, every new project will include HTTPS and SSL. We want every site is safe, especially WordPress sites. Matt Mullenweg from Automattic, WordPress creator of the project, is in favor of all the sites on WordPress were HTTPS, and in the future he plan to add some options that will be available only to users with HTTPS WP.