HTTPS has become a web-standard & one of those practices that every webmaster should follow. HTTPS is great for the security of data as it encrypts the data transferred between users & a website. Especially it protects them from common hacking practices such as data sniffing & man-in-the-middle-attack.
I won’t get much into the technical side of it, but let me quickly give you an overview of how HTTPS is useful for security of users like you & me.
HTTP (Hyper-text transfer protocol) S (secure)
When you open a website using HTTP protocol, or submit a form online, your data is transferred in plain text & a hacker can use sniffer tools to capture the transmitted data & see the information you have submitted. Sometimes which also includes your username & password. When you access a website that uses the HTTPS, the transmitted data is encrypted & your information is secure. This is one reason all banking & e-commerce sites are using HTTPS from day1. Below image shows the difference between HTTP & HTTPS protocol:
From my understanding on this topic, I believe it’s important to have HTTPS even for the blogs, as no middle-man can alter the information. If you are up for learning more about it, I suggest you to read this article on Man-in-the-middle-attack.
You can learn more about Google’s HTTPS everywhere mission with this video;
So far, I haven’t implemented HTTPS here at ShoutMeLoud, which is long over-due & will be done in the coming months.
One reason for the same is the mixed content issue, which I have explained at the end of this article. For now, here is a great news for BlogSpot blog owners, as Google have rolled out free HTTPS for them. In this guide, you will learn everything about enabling HTTPS on your .blogSpot blog & few important things related to it.
How to make your BlogSpot Blog HTTPS enabled for free:
This feature is already enabled for all the BlogSpot.com users. Those users who are using the custom domain name, they need to wait for a while before they can take advantage of it. If you have a blog with .blogspot address, follow the steps mentioned to enable HTTPS for your blog.
- Login to your BlogSpot dashboard
- Click on the dropdown & go to your blog settings
- Go to Settings > Basics & look for HTTPS Settings option
- From the HTTPS availability dropdown, select yes & save the option.
This can be caused by a few things such as images on your blog hosted on HTTP site. Mixed Content errors occur when a web page downloads its initial HTML content securely over HTTPS, but then loads the follow-up content (such as images, videos, stylesheets, scripts) over insecure HTTP.
These browser errors will degrade both HTTPS security and the user experience of your blog. If all your blog images & content are hosted on BlogSpot platform only, you might not face any such error. You can read this help guide to fix it or probably wait for few months before enabling HTTPS.
This feature will be available for bloggers using the custom domain name with their BlogSpot blog in the coming months. I believe most of the serious Blogspot bloggers have already purchased a domain name rather than using generic .blogspot domain address.
Here is official help page for enabling HTTPS on a BlogSpot blog.
I will update you once this feature is available for all BlogSpot bloggers. For now, I would like to hear your opinion on: Is HTTPS important for information based websites? Here are some of the best articles for BlogSpot users from ShoutMeLoud Archive:
Subscribe on YouTube
Very good information sir . i should read this article before buying a domain and hosting. i purchased a hosting without SSL.. so what will I do now?
@Navin
You can use Cloudflare to setup free SSL.
But how can we enable https for custom domain ??
This Articles help me lot and well explained . All my blogger blog now use https. thanks
Great articles. I never really tought that blogspot can also use HTTPS
I don’t see any importance of https for informational website or blogs. This is only important for websites where transactions take place. eCommerce are the best examples. For Blogs they don’t need to be necessarily implemented.
@Ismail
I agree with you but now we all need to enable HTTPS as it has become a major ranking feature.
great article thanks . can’t wait till google come out with HTTS for custom domains as one of my blogs needs that … as for my other blogs I switched them to HTTPS which I would prefer and I am sure my visitors would also .. problem is my pretty apps don’t work with HTTPS so I either have to put up with the errors or remove the apps which I am reluctant to do .. I have contacted my app developed to see if he can make a HTTPS version of them so they will show up . in the mean time I am on HTTP. my blogs are all google verified.. I found your article great and started following you as well .. If you come up with a solution for my issue let me know aye thanks !
whene i enabe i have this message
Editing your template so that it mixes HTTP and HTTPS may affect the security and user experience of your blog when it is viewed over HTTPS ……
any idea pls ???
Thank you Harsh for sharing with us. I’m wondering if there is any trick to enable HTTPS for custom domains on blogger ?
Thanks.i bumped to this article after saw my dashboard setting “https”. Make me wonder how to turn on the setting…
Good article but https most support to e-commerce site because online transection is safe to this site show https.
I don’t see any importance of https for informational website or blogs. This is only important for websites where transactions take place. eCommerce are the best examples. For Blogs they don’t need to be necessarily implemented.
Hai Harsh ,
Is enabling https will effect any changes in SERP ?
Hallo sir
Can I use Https in Custom Domain in Blogger Hosting
So plz Tell me
If we have hosted our blogs on blogspot then https will not work, so I am still yet to find an solution hope Google comes out with an solution for this as most of the custom domains is awaited to use https!
I tried activating https to my blog newandroidphones.in but my blog does not load and instead there will be blank page!
Hi Harsh,
How we handle the site map in this situation for Google Search Console, Where we have two versions of site like Http and Https. Whether it should be two sitemap ? one for http url and other for https url?
Currently I have single sitemap with https url, and I have migrated to https service.
Please help.
Thanks,
Abhishek
how can i know what bad affects, enabling https, caused to my website
@Himanshu
That can be seen by enabling HTTPS & after that if any part of your site is broken like widgets & all, you would know.
I will update my blogspot HTTPS… Thanks for sharing
Nice article bro, but it wasn’t clear for me of how can I make my self hosted wordpress blog into HTTPS? any reference articles you have for that? Thanks in advance for the reply.
Hey Harsh Bro. I wanted to know what I’m Godaddy domains can own Https. Please indicate if so how?