Follow

FAQ: HTTPS and HTTP/2

During the first half of 2017 sites on the Tempest platform were transitioned to serve all pages using HTTPS. The benefits, as well as a few other details, are explained in this document.

What is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) is an internet communication protocol that protects the integrity and confidentiality of data between the user's computer and the site. HTTPS provides a secure, encrypted communication channel to ensure privacy (nobody can “listen” to your web activity) and data integrity (nobody can modify your web activity) while browsing the web.

Why transition to using HTTPS?

There is an industry-wide push to move to HTTPS as the standard for all web traffic to improve security and privacy for everyone using the internet. To encourage adopting HTTPS, Google began to introduce HTTPS as an SEO signal in 2014. Modern browsers are also beginning to introduce visual signals to help users browse the web more safely. Google recently announced that eventually Chrome will label all HTTP pages “Not secure.” Additionally, HTTPS pages receive a performance benefit from being able to use new HTTP/2 features, which are only supported with HTTPS. In summary, the transition to HTTPS will improve SEO, user security, and page speed performance.

What is HTTP/2?

The HTTP version is a specification for how HTTP is expressed “on the wire.” HTTP 1.1 was standardized in 1997, and is beginning to show its age. In 2015 the HTTP/2 specification was published by a working group including many major internet companies and browser vendors. HTTP/2 is designed to improve performance by transferring data on the wire more efficiently, and improving how multiple simultaneous requests and responses are handled. The benefits of HTTP/2 are only available to sites that adopt HTTPS.

Why do embeds have to be secure?

In 2016 the Tempest CMS began requiring that new embeds be secure in preparation for migrating sites to HTTPS. For a page to be secure, all content on the page, including images, embeds, analytics trackers and advertisements, must also be secure. When a secure page attempts to load insecure files it may result in a mixed-content warning (for static content such as images) or a blocked request (for dynamic content such a javascript). To ensure that embeds work properly on secure pages, the embeds must also be secure.

How does HTTPS impact ads?

Most advertisers are already using HTTPS as a default, since HTTPS is used across most major platforms and search engines. The ads managed by Say Media are served via HTTPS. However, if you accept ads from an advertiser directly, you must make sure they provide a secure version of their ad tags. Many browsers will not load certain types of insecure ad tags on secure pages.

How does HTTPS impact Google Webmaster Tools?

If you use Google Webmaster Tools, a new property was added to your account for the HTTPS version of your site when it was migrated. If you would like to access Google Webmaster Tools for your site, please ask Tempest Support to provide you access.

Is my sites on HTTPS?

All sites were migrated to HTTPS during the first half of 2017. All originally HTTP sites are now switched to HTTPS when they migrate to Tempest.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk