, ,

Your Webmaster: The Master of Some, Sometimes, When Possible

What do a VCR, a fax machine, a Walkman, and the term Webmaster have in common?

They’re all obsolete.

Yes, Webmaster is an outdated term.

It’s the year 2017; websites are interactive, dynamic, and imperative to business operations. They are the central command center for a robust, multi-faceted marketing approach.

In a way, a website is an organism. It is a complex system that only works well when various independent parts work together in harmony. If you look at your website under a microscope, what would you find?

Perhaps SEO and social media would serve as the respiratory system, breathing in new life…maybe passwords, firewalls, and encryption protocols are the skin, white blood cells, and spleen…the server could be the heart…the content management system could be the brain…with scripts and code transporting information and lifeblood like nerves and veins.

To look after and “maintain” these independent parts, many of us turn to a single web development company, a contractor, or look to hire someone in-house. Once on-boarded, briefed, and everyone is happy, we give our new “Webmaster” the keys to the city, and task them with the responsibility to:

“Look after all this, don’t let anything break, and build something that will make our company great. Oh, by the way–do all of this fast and on a limited budget.”

Ten years ago, you might have gotten away with this type of arrangement. Just like 200 years ago, the town had one doctor, who made his rounds on a horse and buggy, providing you with a one-size-fits-all treatment, regardless of whether or not you had syphilis, polio, or a broken arm from battle.

“Here’s a shot of bourbon, rub some dirt on it. I’ll notify the morgue, so they can free up a bed.”

I realized I wasn’t a Webmaster…

For a while, I considered myself, and all of Orpical Group, Webmasters. In my opinion, part of this misconceived notion comes from Google and Bing, who both subliminally knight us every time we claim and verify a client’s website for search engine optimization (SEO).

It wasn’t until June 2017 however, when I fully realized I wasn’t a Webmaster, nor did I want myself, or Orpical Group, to be perceived as one.

I always considered us a marketing agency and business consulting firm, but further verification (and understanding of what that meant) really took place once we made the conscious decision to focus a large portion of our time into developing a specialty web service under the growing web security spectrum. The productized-service: GOGET SECURE was born.

This post isn’t a sales pitch for GOGET SECURE, but I want to quickly share some background info on the brand, our motives behind it, and its initial reception to further emphasize how absurd our views of what a Webmaster is can be.

When I started cold prospecting…

At its core, GOGET SECURE is a 51-point proprietary process (it’s actually more now, but 51 still sounds cool) that we developed at Orpical Group to make websites more secure. The service safely, smartly, and thoroughly switches a website from HTTP to HTTPS. As far as we are aware, it’s the only branded SSL Installation and HTTPS Migration Service in the world.

In making the switch to HTTPS, businesses are able to encrypt the connection between their website and a user’s browser. This ultimately results in increased credibility and trust from prospects and customers, improved conversion rates, and higher search rankings.

When we decided to conduct our initial outreach, we aimed to first identify websites that weren’t on HTTPS. In addition, we looked for websites that had login forms or other areas on their website that collected sensitive information, like passwords or credit cards. We developed an app called Bandit that would find these types of websites, then generate a report and browser screenshot showing that the website was “Not Secure”.

Basically, we took this information and gave a courtesy heads-up to business owners and executives. Our message was simple. “Hey, your website is being shamed (flagged) by Google and other search engines and browsers. We have a specialty service, the only one of its kind, that can help you fix this to better secure your site.”

And prospects shut me down hard because they “have a guy” that handles their website already.

I quickly realized that most of my prospects were passing my report along to their existing Webmaster.

Thankfully, some kind souls did get back to me. Those that did agree to chat with me were hesitant and really put up their guard. But, I am immensely appreciative of those opportunities, mainly because they confirmed my suspicions that I wasn’t crazy.

“We already have a Webmaster.”

“Our website is managed currently by another company.”

I was thwarted like this over and over again. I’m not going to lie, it got frustrating.

So, I started to reply rather bluntly: “If you have a guy, why hasn’t this important security protocol been added to your website yet?”

As an agency, we understand the value of having a Webmaster on call to handle most of your website needs. It’s like having a family doctor when you get hit with a cold.

In fact, we provide clients with general web maintenance services, so we would be a giant hypocrite if we advocated totally against it. With that being said, we developed GOGET SECURE because many Webmasters are not fully dedicated to search engine optimization, server configuration, and encryption. In addition, many are simply unaware of the importance of HTTPS themselves, therefore they have not acquired the knowledge and skillset to encrypt your website. This did not happen overnight for us. We have invested tremendous resources (1000+ development hours) to be able to call ourselves experts in SSL Certificates and HTTPS.

So, is your Webmaster a bad guy? A crook? Digital Pirate? Con? No, we’re not saying that. Nor are we saying that they are incompetent. What it boils down to is this:

Webmasters are freaking busy and frankly a little overwhelmed.

When it comes to something hyper-focused like HTTP to HTTPS migrations, your Webmaster isn’t always going to have 100% understanding and laser-focus. Not a big deal. After all, I wouldn’t want my family doctor performing open-heart surgery.

More times than not, the person managing a website is running around week-to-week, day-to-day, switching gears to meet priorities and deadlines.

A “webmaster” is your modern-day chicken with a head chopped off, working on dozens of things to keep you happy: plug-in and theme updates, designing and developing new content, sometimes hosting your website, UI/UX testing, fixing bugs, analyzing data, pick your poison. Oh, and there is dealing with the marketing department…Good luck, Mr. Webmaster!

Working with multiple agencies and vendors is the way to go.

Doesn’t your family doctor refer you out-of-office for additional diagnosis and treatment when it’s out of their capabilities? Isn’t there a reason why doctors affiliate themselves with hospitals and medical centers?

In the web development industry, there is plenty of work to go around. As our clients, you are relying on us to deliver our expertise, creative services, and technical support. With the growing complexities of the web and digital marketing, it’s foolish to think that anyone of us can cover all bases.

So, I learned that we are a marketing agency and business consulting firm. What does that mean? To me, that means that we’re essentially a hub for your web, marketing, and business operations. There are days when I might look at you and say, “We need to bring someone else in here,” and then I’ll make an introduction to a partner, or vendor that I have personally vetted and trust. There are other days, when I will say, “Oh yea, that’s right in our wheel house.”

Finding the right balance and the right partnerships is key. Embodying the web via a lone webmaster is virtual suicide.

“If you want to go fast, go alone. If you want to go far, go together.”

,

Why You Need HTTPS for Your Website

Do I need and SSL Certificate? 

Not necessarily, but it’s probably the best way to get HTTPS.

Do I need HTTPS for my website?

Absolutely.

HTTPS connections are enabled when an SSL certificate is configured for a website on a web server. For the record, there are other ways to enable HTTPS, like TLS (Transport Layer Security); this is why we said “not necessarily” in our initial response.

SSL Certificate Advantages

There are many advantages to using a commercial SSL Certificate over open encryption protocols. For one, SSL Certificates are offered by a trusted certificate authority. These authorities provide various types of SSL Certificates based on validation type and domain coverage.

You can also place warranty claims in case of misuse or data breach. In addition, most SSL Certificate warranties start at $10,000, come with a trust seal, and can usually be extended up to 3 years.

Why You Need An SSL Certificate HTTPS for Your Website

We want to be clear: every website is a little different. That’s why we’re rewriting the discussion here. You shouldn’t first be asking “Do I need an SSL Certificate for my website?” You should first be asking “Do I need HTTPS for my website?

With that being said, SSL Certificates are the most common, and most trusted way to enable HTTPS on your website. But why do you need HTTPS for your website? It boils down to five key reasons.

Trust

HTTPS notifies users that all data provided from the website they are visiting is trustworthy and has not been altered. Users are starting to get messages from browsers when they visit a web page that is Not-Secure. Sites with HTTPS display a “Secure” message, helping build trust.

Confidentiality

HTTPS confirms that all the activity complete on the website will be encrypted. This also means that the website and activity cannot be visible to someone who is trying to sniff through network traffic.

Protection

HTTPS protects sensitive information. Website users want to be confident that their sensitive information, such as credit card or personal information, stay secure and do not fall into the wrong hands.

Search

Security is a top priority for Google. They invest a lot in making sure that their services use industry-leading security, like strong HTTPS encryption by default. Now, more than ever, they are putting emphasis on HTTPS in the search ranking algorithms.

Conversions

Obtaining a SSL Certificate and converting your website properly over to HTTPS will result in a more noticeable, confidence evoking web address bar. This combined with user trust and physical trust seals equals more conversions.

Summary

Do you want data on your website to be visible to potential malicious use? Want potential customers to assume that you are not trustworthy? Looking forward to losing search engine rankings and missing out on more conversions?

If the answer is no to all of the above, then you know why you need HTTPS for your website.

Make Your Website HTTPS

There are many things that need to be done to properly switch your website to HTTPS. For example, choosing the right SSL certificate, server configuration updates, and 301 redirects are some of the challenges that businesses face during migration.

GOGET SECURE by Orpical Group helps alleviate these challenges. As the only specialized, branded SSL Installation and HTTPS Conversion service in the world, GOGET SECURE helps businesses secure their website quickly and affordably with zero interruption.

Our HTTPS migration process and tools have been refined over countless website conversions. In turn, this provides us with a unique capability to fully secure the connection of your website, while allowing time to make other optimizations that are often overlooked or negated.

Make the Switch to HTTPS

Contact us for a free quote to convert your website from HTTP to HTTPS.

,

2017 Data Breaches Draws Attention to Small Businesses

When word dropped that Equifax, one of the three largest credit agencies in the U.S., suffered a breach from a “website flaw that could have been easily fixed”, people started to take notice. With more than 143 million people having lost their personal details, there’s no wonder why Equifax is facing questions from legislators and the public.

Think about this: there are roughly 326 million people in the United States today (9/14/2017). 143 million consumers would represent about 40% of the country’s population.

With that being said, web and cyber security isn’t just for the Fortune 5000 companies like Equifax, Chipotle, Gmail, and DocuSign, who all faced data breaches this year. While big names make headlines, attacks against small businesses have fallen under the radar.

Per Bryan Seely, a network engineer famous for hacking into the FBI: “Most small-business owners don’t think they’re at risk. As a result, it’s fair to say they are indeed ill-prepared to safeguard against an attack.”

Seely adds, “That the problem is that most small-business owners don’t know where to begin when it comes to ramping up their web and cyber security.”

The problem is that most small-business owners don’t know where to begin when it comes to ramping up their web and cyber security.

But, it doesn’t need to be that way. There are plenty of easy things that can be done in-house, such as regularly running software updates, updating passwords, and making sure that your data and files are backed up routinely.

Beyond that, relying on web and IT professionals for security products and services will continue to be a growing trend–for good reason. There isn’t any single task that will prevent your website from being hacked, your customer’s data being compromised, or the integrity of your company being potentially jeopardized.

Implementing a multi-layered approach is the best line of defense. While the inevitability of an attack looms, the outlook may seem bleak, and investing in security perhaps not worthwhile. But that couldn’t be further from the truth.

Did the U.S. Men’s National Team hang up their skates when everyone said they couldn’t beat the Russians in the 1980 Olympics? Did Bill Gates give up on Microsoft Office when WordPerfect was the dominant word-processor at the time? Did Hannibal retreat his 20,000 member army at Cannae when a superior Roman force of 72,000 warriors were bearing down on their throats?

Failing to prepare is preparing to fail. The only way to beat the odds is to get on an even playing ground. Educate yourself on best practices, seek guidance on where you might be most vulnerable, patch any weaknesses, and develop a security response plan for potential incidents and recovery.

Request Web Security Consultation

About Orpical Group

Orpical Group is a full-service online marketing agency. Based in New Jersey (NJ), we specialize in logo design, branding, web design and development, search engine optimization (SEO), and search engine marketing (SEM).

Since 2012, we have helped our clients realize and sustain high levels of individual and organizational performance. We don’t believe in a one-size-fits-all marketing approach. We believe in our clients. And our clients believe in us because we are invested in success.

, ,

Why Secure Your Website With HTTPS

The green padlock and little Secure message you see in the URL bar on some websites (including ours) looks pretty snazzy, doesn’t it?

Per ColorPsychology.org, the impact that colors have on our brains is used to manipulate our decision making.

The color green is no exception. It is a color that carries a lot of weight.

The color green:

  • Provides a strong emotional correspondence with safety.
  • Suggests stability and endurance.
  • Symbolizes trust, loyalty, wisdom, confidence, intelligence, faith, and truth.
  • Slows human metabolism and produces a calming effect and tranquility.

Those are pretty powerful and positive emotional responses, especially when your website users are the end recipient.

Securing your website with HTTPS, however, has benefits beyond what simply meets the end user’s eye, or a recognizable green notification in this case.

Secure HTTPS websites have proven results in conversion rates, rank higher in search results, and provide brand boosting capabilities. On top of all of that, it’s the responsible way of the web.

Data Encryption

Arguably the most important reason of having a secure HTTPS website is encryption.

The secure message you see in your URL bar comes from first obtaining an SSL (Secure Socket Layer) or TLS (Transport Layer Security) Certificate. From there, a number of changes are made to your web server and website to make it more secure.

Both SSL and TLS are cryptographic protocols that provide communications security over a computer network. When active on your website, they are what enable another protocol known as HTTPS: HyperText Transfer Protocol Secure.

For a web browser such as Google Chrome, Safari, Firefox, or Internet Explorer to access a website it needs to be able to communicate with it in a language they can both understand.

Historically, HTTP, the “not secure” version of HTTPS has been fine for this type of communication, with the exception of websites with ecommerce capabilities, or forms that obtain data like credit cards or sensitive personal information.

Like most things with the web, HTTP has become outdated. And recently it has been hammered by key browsers and search engines.

As a whole, web security is a growing concern. In fact, a report from the TRUSTe/National Cyber Security Alliance (NCSA) Consumer Privacy Index reveals that more Americans are worried about their data privacy than they are about losing their main source of income.

HTTP vs HTTPS

Having a not secure website (HTTP) is a lot like making out with your significant other in public: everyone can see your business.

On the contrary, a secure website (HTTPS) provides you with a space to safely conduct your business “behind closed doors”. In other words, a passerby cannot eavesdrop in on your session.

HTTPS is simply a more mature way for a browser and a website to communicate.

If your website is strictly on HTTP, let us be the first to tell you: PDA (public display of affection) isn’t cool. It’s time to “get a room”.

Improve Trust & Conversions

You are either building trust, or destroying it.

When it comes to relationships, trust can take years to build. But when it comes to your website, you don’t have years. You have seconds.

A series of experiments by Princeton psychologists Janine Willis and Alexander Todorov reveal that all it takes is a tenth of a second to form a first impression.

So, with that being said, take a second and decide which website you would choose to interact with from the options below.

What Website Would You Trust?

Option A:

Option B:

Option C:

Why You Likely Chose Option B

The three options that you just glanced at are the current options (written August 15, 2017) for how a website will appear in the address bar of Google Chrome, which makes up roughly 60% of the desktop browser market share.

In January 2017, Google Chrome began to mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.

So, what does that mean exactly?

Simply, this means that even websites that display like Option A, which currently doesn’t look that bad, will begin to look like Option C, pending they are not converted to HTTPS.

Assuming that you prefer Option B, you confirmed a well-known web marketing truth. And a reason to switch to HTTPS beyond getting shamed by Google and other browsers:

Trust seals help convert.

It’s pretty obvious why most of us choose this option at a glance. Option B is green. It says “Secure” and even has a padlock symbol that we associate trust with.

Things become obvious after the fact though. And the fact here is this:

48% of online shoppers do not trust a website without a valid trust seal. In addition, an SSL Certificate can increase conversions up to 87%.

What you see in Option B is an opportunity to constantly reinforce trust. Migrating your website fully over to HTTPS provides a trust seal (in the address bar) with the opportunity to add a secondary trust seal (perhaps in the footer, sidebar, or other areas on your page).

As a user navigates a website on HTTPS, they will be reminded (over and over again) that the connection they are on is “Secure”. This promotes the confidence that is needed to ultimately convert a visitor to a lead or sale.

Increase Search Rankings

If protecting your user’s data and increasing your conversions aren’t enough for you, then this should do it.

Search Engine Optimization (SEO) is an accumulation of strategies, techniques and tactics used to increase the amount of visitors to a website by obtaining a high-ranking placement in the results page of a search engine (SERP) — such as Google, Bing, Yahoo and other search engines.

If you’re wondering why we simplify the above description to “strategies, techniques, and tactics”, it is because Google uses a BEASTLY algorithm that includes about 200 ranking factors.

And guess what?

Having an SSL Certificate and a website on HTTPS is part of the algorithm.

Don’t take this from us–take it directly from Google, who made this announcement first in 2014.

Since then, a lot has obviously changed. But one thing has remained the same, the importance of HTTPS in regards to search rankings is steadily growing.

Just check out this year’s progression of HTTPS websites that fill up Page 1 search results per Dr. Pete Meyers of Moz:

Another important consideration for SEO is site usability and bounce rate. As we explored in the previous section, sites that are secure are likely to have higher conversion rates.

As result, we should expect the average duration of users on secure HTTPS websites to be relatively higher than HTTP websites. Again, good for SEO.

What this further demonstrates is that we are in the Age of Encryption. Securing your website is not just a responsible web practice, it provides brand boosting capabilities that can positively impact your bottom line.

Make Your Website HTTPS

There are many things that need to be done to properly switch your website to HTTPS. Things like choosing the right SSL certificate, server configuration updates, and 301 redirects are some of the challenges that businesses face during migration.

GOGET SECURE by Orpical Group helps alleviate these challenges. As the only specialized, branded SSL Installation and HTTPS Conversion service in the world, GOGET SECURE helps businesses secure their website quickly and affordably with zero interruption.

Our HTTPS migration process and tools have been refined over countless website conversions. This in turn provides us with a unique capability to fully secure the connection of your website, while allowing time to make other optimizations that are often overlooked or negated.

Make the Switch to HTTPS

Contact us to learn more about SSL Certificates and for a free quote to convert your website from HTTP to HTTPS.

,

HTTPS and SSL are Not the Same Thing

FAQ: Are HTTPS and SSL the same thing?

No. Many people will use the acronyms interchangeably. And while HTTPS and SSL can and should be used in the same sentence, they are not synonymous.

Just like peanut butter and jelly, HTTPS and SSL, create a nice one-two punch, but outside of their relationship, they are strong independents. They are the Marvin Gaye and Tammi Terrell of web communications.

The Technical Definitions

SSL

SSL, short for Secure Sockets Layer, is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication. The usage of SSL technology ensures that all data transmitted between the web server and browser remains encrypted.

A certificate is necessary to create an SSL connection. There are many different kinds: check out this guide for more info on the different types of SSL Certificates. Once purchased, validated, and installed, two cryptographic, a Private Key and a Public Key, are created.

HTTPS

HTTPS is a communications protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security, or its predecessor, Secure Sockets Layer.

The Layman’s Version

HTTPS connections are enabled when a SSL certificate is configured for a website on a web server. To make matters more confusing, you could also use TLS (Transport Layer Security) to obtain HTTPS.

Either way, without setting up a TLS/SSL certificate a web browser can only access websites via HTTP and all data sent to the server can be read over the network. This is becoming increasingly problematic, especially as major search engines and web browsers begin to put more stock in HTTPS.

Still Confused?

We find that the easiest way to remember the relationship between SSL and HTTPS is to sing tune:

Ain’t no mountain high enough, ain’t no valley low enough, ain’t no river wide enough, to keep me (SSL) from getting to you babe (HTTPS).

Make the Switch to HTTPS

Contact us to learn more about SSL Certificates and for a free quote to convert your website from HTTP to HTTPS.

About Orpical Group

Orpical Group is a full-service online marketing agency and business consulting firm. With locations in New Jersey and Philadelphia, we specialize in logo design, branding, web design and development, search engine optimization (SEO), and pay per click management.

Since 2012, we have helped our clients realize and sustain high levels of individual and organizational performance. We don’t believe in a one-size-fits-all marketing approach. We believe in our clients. And our clients believe in us because we are invested in success.

,

Different Types of SSL Certificates Explained

Tall, Grande, or Venti?

Just like Starbucks coffee, SSL Certificates come in different shapes and sizes. However, unlike your favorite cup of Joe, a slip up in your order can set you back more than a few fluid ounces.

Knowing what type of SSL Certificate you need ahead of time will make securing your website less difficult, save time, and prevent unnecessary administrative costs and third-party expenses.

In this post, we’ll explore the different types of SSL Certificates based on two groupings:

  1. Validation level
  2. Secured domains

SSL Certificates by Validation Level

When you purchase an SSL Certificate, you need to show the Certificate Authority that you are who you say you are. There are a couple of different types of SSL Certificates based on the method that you choose the confirm your identity.

Domain Validated SSL Certificates

The Domain Validated SSL Certificate (DV certificate) validates that the domain associated with the SSL Certificate is registered. To validate this type of SSL Certificate, you simply need to have someone with admin rights approve the certificate request.

Validation is typically performed over email or DNS. The email recipient is asked to prove their administrative privileges over the domain by acknowledging receipt and sending confirmation to the provider. Additionally, they may be required to configure certain DNS records for the associated domain.

On average, it usually a few minutes to a few hours to order and validate a DV certificate.

Organization Validated SSL Certificates

The Organization Validated SSL Certificate (OV certificate) validates the domain ownership, plus organization information included in the certificate such as name, city, state and country.

The validation process is similar to the domain validated certificate, but it requires additional documentation to certify the company identity. The order can take from a few hours to a few days, due to the company validation process.

The Organization Validated SSL Certificates display the company information in the certificate details, not the address bar.

Extended Validation SSL Certificates

Extended Validation SSL Certificates (EV certificates) require more validation than DV and OV Certificates.

Domain ownership, organization information, and legal proof and documentation are all required. The order can take from a few days to a few weeks, due to the extended validation process.

A green address bar in the browser containing the company name is the distinguishing attribute of Extended Validation Certificates.

 

SSL Certificates by Secured Domains

An SSL certificate is also further defined by the amount of domains that it secures.

Single-name SSL Certificates

Single-name SSL certificates protects one subdomain (hostname).

For example, if you purchase a certificate for www.example.com it will not secure blog.example.com.

Wildcard SSL Certificates

Wildcard SSL certificates protect an unlimited number of subdomains for a single domain.

For example, if you purchase a certificate for *.example.com it will secure blog.example.com, mail.example.com, etc. However, it will not secure example2.com.

Multi-Domain SSL Certificates

Multi-domain SSL certificates protect different domains with a single certificate, using the SAN (Subject Alternative Name) extension.

You can generally secure a combination of different host names, from the same or different domains. For example, example.com, blog.example.com, example2.com, and different-example.com,  would all be covered.

Get Help Choosing the Right SSL Certificate: Migrate to HTTPS

Selecting the right SSL certificate and migrating to HTTPS doesn’t need to be a hassle.

GOGET SECURE by Orpical Group provides professional web security specialists to assist in the HTTP conversion process. This allows business owners to obtain the proper SSL Certificate for their website, and ensure that installation and conversion to HTTPS is done properly and thoroughly.

GOGET SECURE is the only specialized, branded SSL installation service in the world. We have a unique process and proprietary information that enables us to streamline conversions. We do not provide a “quick and dirty” solution. We manually modify your server’s configuration and update old files and URLs.

Make the Switch to HTTPS

Contact us to learn more about SSL Certificates and for a free quote to convert your website from HTTP to HTTPS.

About Orpical Group

Orpical Group is a full-service online marketing agency and business consulting firm. With locations in New Jersey and Philadelphia, we specialize in logo design, branding, web design and development, search engine optimization (SEO), and pay per click management.

Since 2012, we have helped our clients realize and sustain high levels of individual and organizational performance. We don’t believe in a one-size-fits-all marketing approach. We believe in our clients. And our clients believe in us because we are invested in success.

,

HTTPS What Does it Mean

You’ve probably seen it only a million times browsing the web: HTTP and HTTPS.

But do you know what it means?

HTTP stands for HyperText Transport Protocol

For the layman, HTTP is a language for information to be passed back and forth between web servers and clients.

When you visit a website, and look at the address in the web browser and it starts with http:// this means that the website is communicating with your browser using an ‘insecure’ language.

As result, it is possible for someone to “eavesdrop” on your computer’s conversation with that website. So, if you fill out a form on the website, someone might see the information you send to that site. Hence why you never want to send sensitive information, like credit cards and passwords, on a HTTP website.

HTTPS is the “Secure” version of HTTP

On the flip side, when a web address begins with https://, or is displayed in green with a padlock symbol, you are on a secure connection. Sensitive information that is sent over HTTPS is encrypted. This means that your computer is talking to the website in a code that no one can eavesdrop on.

Originally, HTTPS was intended for e-commerce websites. But now, HTTPS is becoming the standard for web communications because of its advantages over standard HTTP.

Advantages of HTTPS

Trust

HTTPS notifies users that all data provided from the website they are visiting is trustworthy and has not been altered. Users are starting to get messages from browsers when they visit a web page that is Not-Secure. Sites with HTTPS display a “Secure” message, helping build trust.

Confidentiality

HTTPS confirms that all the activity complete on the website will be encrypted with HTTPS. This also means that the website and activity cannot be visible to someone who is trying to sniff through network traffic.

Protection

HTTPS protects sensitive information. Website users want to be confident that their sensitive information such as credit card or personal information stay secure and do not fall into wrong hands.

Search

Security is a top priority for Google. They invest a lot in making sure that their services use industry-leading security, like strong HTTPS encryption by default. Now, more than ever, they are putting emphasis on HTTPS in the search ranking algorithms.

Convert HTTP to HTTPS

Converting your website from HTTP to HTTPS doesn’t need to be a hassle.

GOGET SECURE by Orpical Group provides professional web security specialists to assist in the HTTP conversion process. This allows business owners to obtain the proper SSL Certificate for their website, and ensure that installation and conversion to HTTPS is done properly and thoroughly.

GOGET SECURE is the only specialized, branded SSL installation service in the world. We have a unique process and proprietary information that enables us to streamline conversions. We do not provide a “quick and dirty” solution. We manually modify your server’s configuration and update old files and URLs.

Make the Switch to HTTPS

Contact us for a free quote to convert your website from HTTP to HTTPS.

About Orpical Group

Orpical Group is a full-service online marketing agency and business consulting firm. With locations in New Jersey and Philadelphia, we specialize in logo design, branding, web design and development, search engine optimization (SEO), and pay per click management.

Since 2012, we have helped our clients realize and sustain high levels of individual and organizational performance. We don’t believe in a one-size-fits-all marketing approach. We believe in our clients. And our clients believe in us because we are invested in success.

,

Why is My Website Not Secure?

“How dare you say my website is not secure Google — you don’t even know me!”

With nearly 60% of the browser market share, Chrome is no longer the new kid on the block, it’s popping off!

And whether we like it or not, Google seems to know what’s best for us and the web as a whole.

That’s why they have made it a priority this year to mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar.

Eventually, Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields.

So how can you fix this problem on your website now? After all, you have customers to serve and cannot run the risk of scaring them away.

Ultimately, the reason why your website is showing as Not Secure will depend. But there are a couple questions and handy resources that you can take advantage of to get to the root of the problem.

Do you have an SSL Certificate Installed?

SSL, short for Secure Sockets Layer, is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication. The usage of SSL technology ensures that all data transmitted between the web server and browser remains encrypted.

An SSL certificate is used to enable a secure connection to protect your website, and your customers that use your website, even if it doesn’t handle sensitive information like credit cards. It helps provide the privacy, critical security and data integrity for both your websites and your users’ personal information.

Today, many web hosting providers provide SSL Certificates. The costs are either separate or built into pricing. On average, standard SSL certificates, start at around $50-70 annually for a single domain. These costs can vary depending on the type of certificate you need.

Want to check if an SSL Certificate is installed on your website? A quick search will show a number of different free “SSL Checkers”. A personal preference of mine is Qualys SSL Labs, which will give you a detailed report.

See the below screenshot of one of our client’s secure websites:

If you do not have a SSL Certificate installed, then you will receive the following error message:

Did you force HTTPS?

Even if you have an SSL Certificate installed, you may still receive warning messages.

This mainly happens when web users access old indexed URLs that are still using HTTP.

Forcing visitors to use SSL can be accomplished through your .htaccess file using mod_rewrite. Modifications can be made through a File Editor program and a FTP client like FileZilla, but it’s important that they are done carefully. Improper modifications to your .htaccess file can break your website causing more issues and result in potentially lost business.

Is there mixed content on your website?

If you have installed a SSL certificate and forced HTTPS through your .htaccess file, then it is likely that your website is showing mixed content.

Mixed content occurs when initial HTML is loaded over a secure HTTPS connection, but other resources (such as images, videos, stylesheets, scripts) are loaded over an insecure HTTP connection. This is called mixed content because both HTTP and HTTPS content are being loaded to display the same page, and the initial request was secure over HTTPS. Modern browsers display warnings about this type of content to indicate to the user that this page contains insecure resources.*

Working backwards through your files to scan for old HTTP links can be tedious, especially if you have a complex website. Fortunately, there are tools built within your browser and on the web that can help.

If using Chrome, go to Settings > More Tools > Developer Tools > Javascript Console. Mixed content warnings will be shown like the image below:

If the above steps seem a little overwhelming or clunky to you, a secondary option would be to check out Why No Padlock, a simple tool that will tell you about any insecure items on your SSL page.

Once you have identified where the mixed content is, you have to update HTTP to HTTPS.

Summary

The world of the web is changing. It happens fast and often without real notice. Staying on top of browser and search updates is not just a good business practice, it’s essential to staying competitive in a sensitive, digital world.

Professional SSL Certificate Installation by our team at GOGET SECURE makes moving from HTTP to HTTPS simple.

Eliminate browser warnings, improve SEO, and build credibility and trust without any downtime. An HTTP to HTTPS migration should be easy and affordable without any hiccups. Now it is. Let our team at GOGET SECURE help you make a seamless switch.


*What Is Mixed Content? | Web | Google Developers. (n.d.). Retrieved June 06, 2017, from https://developers.google.com/web/fundamentals/security/prevent-mixed-content/what-is-mixed-content

, ,

Web Design Company in New Jersey Makes SSL Certificate Installation a Priority for All Clients

Orpical Group, a web design and development company in New Jersey, announced their plans to make Secure Socket Layer – SSL Certificate Installation a priority for all clients. The announcement followed the company’s own successful switch to HTTPS, a communications protocol for secure communication over the Internet.

Google announced earlier in the year that they would begin displaying the security of connections in the address bar of Chrome Version 56. In addition, they would display this message on pages that display a password and/or a credit card field. Orpical Group cited this as the beginning of a long-term plan to mark all HTTP pages and content non-secure.

“No question about it, this is the year of HTTPS and SSL Certificates for websites,” said Stefan Schulz, Chief Operations Officer, Orpical Group. “Big time players, browsers and search engines, are adjusting their perspective and platforms to address the growing concern of authentication, data integrity, and encryption. It’s our responsibility to our clients to meet and ultimately exceed the industry standards, not just as a precautionary measure, but as a strategic implementation that can provide measurable returns.”

Schulz further scrutinized the protocol changes and it’s impact on the small business market: “Search engines and browsers are warning users of non-secure content, but the warning is subtle, so much so that many small business owners, and those providing good, valuable content, are missing the message. It’s not like Google is showing up at your door with a letter saying, ‘Hey–you need this SSL Certificate thing or you’re going to lose impressions, clicks, and potential customers.’”

In effort to make the transition from HTTP to HTTPS as simple as possible with little to no interruption to live websites, Orpical Group has developed a new service offering, GOGET SECURE, which offers fast, proper SSL Installation for small to mid-sized businesses. The Professional SSL Installers at GOGET SECURE, help businesses obtain the right certificate, install on their hosting server, update the configuration of their website, and more.

ABOUT ORPICAL GROUP

Orpical Group is a full-service marketing company. Based in New Jersey (NJ), we specialize in logo design, branding, web design and development, and internet marketing. Since 2012, we have helped our clients realize and sustain high levels of individual and organizational performance. We don’t believe in a one-size-fits-all marketing approach. We believe in our clients. And our clients believe in us because we are invested in success.