TL;DR
- Create (for free) an SSL certificate.
One resource for that is letsencrypt.org - Install it on your website’s server: letsencrypt.org/docs/client-options/ – You just quickly choose the client that will match your server environment or do everything in your browser.
- Change all your website’s links from HTTP to HTTPS so that search engines are notified and users will get the HTTPS version.
- Go have a drink.
Why?
You should always protect all of your websites with HTTPS, even if they don’t handle sensitive communications. HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. It might be a malicious attacker or legitimate (but intrusive) companies, such as ISPs or hotels that inject ads into pages. Your users will think that your site is ugly or worst because they can’t tell who is doing what to the pages.
If you care about your users, always protect them and serve them with HTTPS. It will also prevents intruders from being able to passively listen in on the communications between your website and your users. Another benefit we gain from HTTPS is the ability to work with new powerful web platform features: Continue reading
Ido Green 