HTTPS has become a web-standard & one of those practices that every webmaster should follow. HTTPS is great for the security of data as it encrypts the data transferred between users & a website. Especially it protects them from common hacking practices such as data sniffing & man-in-the-middle-attack.
I won’t get much into the technical side of it, but let me quickly give you an overview of how HTTPS is useful for security of users like you & me.
HTTP (Hyper-text transfer protocol) S (secure)
When you open a website using HTTP protocol, or submit a form online, your data is transferred in plain text & a hacker can use sniffer tools to capture the transmitted data & see the information you have submitted. Sometimes which also includes your username & password. When you access a website that uses the HTTPS, the transmitted data is encrypted & your information is secure. This is one reason all banking & e-commerce sites are using HTTPS from day1. Below image shows the difference between HTTP & HTTPS protocol:
From my understanding on this topic, I believe it’s important to have HTTPS even for the blogs, as no middle-man can alter the information. If you are up for learning more about it, I suggest you to read this article on Man-in-the-middle-attack.
You can learn more about Google’s HTTPS everywhere mission with this video;
So far, I haven’t implemented HTTPS here at ShoutMeLoud, which is long over-due & will be done in the coming months.
One reason for the same is the mixed content issue, which I have explained at the end of this article. For now, here is a great news for BlogSpot blog owners, as Google have rolled out free HTTPS for them. In this guide, you will learn everything about enabling HTTPS on your .blogSpot blog & few important things related to it.
How to make your BlogSpot Blog HTTPS enabled for free:
This feature is already enabled for all the BlogSpot.com users. Those users who are using the custom domain name, they need to wait for a while before they can take advantage of it. If you have a blog with .blogspot address, follow the steps mentioned to enable HTTPS for your blog.
- Login to your BlogSpot dashboard
- Click on the dropdown & go to your blog settings
- Go to Settings > Basics & look for HTTPS Settings option
- From the HTTPS availability dropdown, select yes & save the option.
This can be caused by a few things such as images on your blog hosted on HTTP site. Mixed Content errors occur when a web page downloads its initial HTML content securely over HTTPS, but then loads the follow-up content (such as images, videos, stylesheets, scripts) over insecure HTTP.
These browser errors will degrade both HTTPS security and the user experience of your blog. If all your blog images & content are hosted on BlogSpot platform only, you might not face any such error. You can read this help guide to fix it or probably wait for few months before enabling HTTPS.
This feature will be available for bloggers using the custom domain name with their BlogSpot blog in the coming months. I believe most of the serious Blogspot bloggers have already purchased a domain name rather than using generic .blogspot domain address.
Here is official help page for enabling HTTPS on a BlogSpot blog.
I will update you once this feature is available for all BlogSpot bloggers. For now, I would like to hear your opinion on:Â Is HTTPS important for information based websites? Here are some of the best articles for BlogSpot users from ShoutMeLoud Archive:
HTTPS is great for confidence too. Plus, Google says it considers SSL to prioritise appearance in search results (but to a very minor degree). Nonetheless, for those wondering if it’s possible to get that elusive https green lock in the address bar, yes you can. And it’s free of cost!
I have a self-hosted WordPress blog and I use Cloudflare CDN (free) to keep my site super fast. The great thing about Cloudflare is it also lets you use a “Flexible SSL.” Give it a shot.
May be I’ll write a detailed step-by-step at a later date.
very helpful post . I try to make my new web site Hyper-text transfer protocol. your article is beneficial . Harsh Agrawal thank for sharing .
Very educating!
Even though I see the enormous benefits, I doubt if I would be able to pull this through myself. I will have to talk with an expert, just to make sure nothing is lost in the process.
Thanks Harsh
Hi Harsha
Lot of people have confusion about HTTPS but it is important for blog. Thanks for the useful post…
Ah ah !!!
It is high time that blogspot introduce a new feature. But unfortunately I can’t use this feature because I use a custom domain. Waiting for the time when they enable its for custom domain. BTW thanks Bro
Hi Harsh,
It is fa speciality of your each blog post that you always notify pros and cons of each thing. I am not using blogpost for blogging but this feature will be really helpful for those who are working on it. Some flaws may reside in the new feature but as the time passes, things get clearer and more useful.
Hi there. I found your site by way of Google even as searching for a similar subject, your web site got here up. It seems to be great. I’ve bookmarked it in my Google bookmarks to come back then.
Hello harsh
I am reading your blogs since 2 years.
I have a query, by which tool you make such beautiful photos to use in blog ?
(like the first one in this post)
Harsh, thanks for the blog, but sadly its not available for my custom domain blogspot blog, how much time it will take to available for custom domain or any other information you have about custom domain with HTTPS?
Hlo Harsh, I want to know more about SSL Certification.
Hi Harsh Agrawal,
HTTPS is very important for Blog.i am confused about it.Thanks for Detailed information very helpful for me.Keep up it.
Thanks @Bilal. It’s a good concept to know & benefits of it.
Awaiting for https in custom domain
Yah, it would be pretty effective then. I guess they would roll out for all in couple of months.
Hi Harsh,
Can we can turn on HTTPS for custom domain using CloudFlare SSL?
Yes, @Harsh. They have said that they will enable it for custom domains too within some months. This time, they are testing it on Blogspot domains.
I wish they give it for free… 😀
Why this feature is not for custom domain?
I guess they rolling out in phases & in few months it would be available for all BlogSpot users.
It’s technically complicated to give valid SSL certs (that are working on any browser) for many different domains on a shared server. CloudFlare has done so, so I guess Blogspot will do it at some point.
i will update my blogspot HTTPS… Thank You for Share..Good Job
Hello Harsh,
What is the name of the plugin you used showing in your top widget? The one that shows social media buttons and counters. Another thing is the optin form as well… Thanks in advance.
– Felix
@Felix
That’s not a plugin. It’s custom coded by ShoutMeLoud WordPress developers.
Thank to inform
Seen it but waiting when this feature will be available for custom domain.
Thank you for sharing information for blogger user.
share some blogger SEO tips @harsh
Or Give me a link
There are any effects on my blog in terms of SEO If I Enable HTTPS to My Doman..?
@Bharath
It’s an official search engine ranking factor. It should affect your organic ranking positively.
It should be beneficial, just make sure you use proper (301) redirects for all your content to HTTPS version once you switch over, otherwise you may lose old backlinks and have issues with duplicate content.
Hi Harsh
very nice article and well explained. but still I am confused to opt HTTPS option for my blog need your advice on this harsh.
How can I make HTTPS:\ on WordPress?
Any plugins that you recommend?
This plugin hasn’t been updated in over 2 years, but its still useful for https in wordpress. I recently use in my client project.
https://wordpress.org/plugins/wordpress-https/
For installation go through https://wordpress.org/plugins/wordpress-https/faq/
make sure all your assets & images have https path