http:// and https:// differ by one letter but affect security and trust drastically.
HTTP — outdated:
- Data is transmitted in plain text — ISP, Wi-Fi hotspot, any intermediary sees passwords and chats.
- No protection from substitution — ads or viruses can be injected en route.
- Browsers (Chrome, Firefox, Safari) show a “Not secure” warning.
- Google and Yandex demote such sites.
HTTPS — modern standard:
- All data is encrypted.
- The site passes verification — domain cannot be spoofed.
- Browser shows a green padlock.
- Payments and forms work (PCI DSS requires HTTPS).
- Modern APIs (Geolocation, ServiceWorker, Push) only work over HTTPS.
What you need to switch:
- Get an SSL certificate — at us free via Let’s Encrypt on any plan.
- Enable SSL in cPanel → SSL/TLS Status → AutoSSL.
- Redirect all HTTP traffic to HTTPS (via .htaccess or CMS plugin).
Switching usually takes 10–15 minutes; SEO effect appears in 1–4 weeks.