HTTPS adoption among the world’s top half million sites doubled this year, achieving in one year what hadn’t been managed in 20 years’ since HTTPS’ introduction, writes Guy Podjarny over at SYNK.
Adoption among the top half million sites went from 5.5% in August last year to 12.4% by the end of July, according to data from HTTP Archive. If BuiltWith, who provided the statistics, can be believed, adoption among the world’s top one million sites was even more impressive: a year ago only 2.9% of sites were HTTPS by default now it’s 9.6%. That’s 3X growth.
The question is what’s driving this dramatic growth in adoption. For Guy, the answer is: because it’s cheaper, easier and more important than ever before to use HTTPS.
It used to be that you had to buy your SSL certificates and pay extra costs for hosting and for a CDN to deliver the certificate. But now certificates can be had for free at places like Let’s Encrypt, hosting companies don’t demand an extra fee for HTTPS and many of the major platforms like WordPress and Heroku offer it as standard.
Let’s Encrypt also allows auto generation of certificates and developers can use tools like Chrome Security Panel to ensure that certificates are configured correctly, meaning setting up HTTPS is no longer the preserve of a few.
But perhaps the most important reason for the dramatic increase in adoption is that companies are now much more motivated to get HTTPS. Companies are more concerned about the bottom line than security but now security is key to getting certain features. Features like geolocation and HTTP2 only work if you have HTTPS set up. What’s more, Google now ranks HTTPS sites higher, giving managers an extra incentive to get it sorted.
Lastly, Guy thinks the network effect explains a lot of the movement in the last year. Companies are seeing their partners and competitors moving over and are simply following the fashion.