Alert Properties | Alert Description |
---|---|
Alert Name | Website does not feature HTTPS security |
Code | S01 |
Description | Website is not secured enough for users, and is vulnerable to data leaks. |
Level | Error |
This alert gets triggered when your website is not enabled with the HTTPS
secure protocol.
HTTPS (Hypertext Transfer Protocol Secure) is an internet communication protocol that protects the integrity and confidentiality of data between the user’s computer and the site. Users expect a secure and private online experience when using a website.
Web search engines like Google encourage users to adopt HTTPS in order to secure their connections to the website, regardless of the nature of the website content.
Data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three
key layers of protection:
To know more about HTTPS protocol, check out Google webmasters article titled “Secure your site with HTTPS.”
To create a secure website connection, an SSL certificate is critical. This certificate can be generated and obtained through a Certification Authority (CA).
You can get a free SSL certificate from Let’s Encrypt, a popular CA that provides certificates in the interest of creating a safer Internet: https://letsencrypt.org/. For more information on SSL, check this article: Get an SSL certificate for your domain.