Google wants all site to be HTTPS.
This actually dates back to 2014, when Google announced that they use SSL as a ranking signal.
And as of July 2018, major browsers will begin marking all content not served over https:// as insecure.
The time to adopt HTTPS is yesterday, but if you haven't done so, today works just as well.
HTTPS has long been a "ranking factor", but is now at a critical point. Nearly all best food blogs in the top search results are SSL-enabled, which puts anyone not using SSL at a disadvantage. If you don't have SSL enabled on your blog (and forced URL rewriting from http:// to https://) then now is the time to do it.
Not confident in doing it yourself? Sign up for our Food Blogger Hosting package (includes a new theme!) and we'll manage the transfer process for free.
Cost vs. Reward
It used to be that SSL certificates were difficult to install, and cost a lot of money. Thanks to services like Let's Encrypt, all web hosts should be able to offer you a free SSL certificate and install it for you, making the process not only simple, but free.
There is no cost to enabling SSL [1].
The other ages-old argument was that using SSL slowed down your website, but has been debunked years ago. Using HTTPS has no noticeable impact on page loading speed.
The reward? Better search engine rankings, and better privacy for your visitors.
Visitor Privacy
Did you know that when you submit information over non-HTTPS, it can be seen by anyone in between your computer and the website you're browsing? This is a problem not only because of potentially malicious people eavesdropping on your website habits, but also (and particularly) ISPs that are trying to move into the online advertising game but harnessing as much information about you as possible.
This isn't just for privacy-sensitive websites - all food blogs should switch over for privacy reasons as well. Doing a search on an HTTP-only food blog for "cake recipe for pre diabetics" allows your ISP and ad companies to see that you searched using the term "pre diabetic"; which can then be used to target you with ads, or simply sold for profit (eg. to insurers). The same search on an HTTPS-enabled blog hides this information from prying eyes.
Don't think it's happening already? See this article from arstechnica about ISPs being allowed to sell your browsing history.
What's the worst that could happen?
This data could hypothetically be sold to a health insurance company, who can use it to exclude you from health insurance claims down the road on the grounds of it being a pre-existing condition.
What if that search wasn't even for you, but instead for your diabetic aunt who is visiting this weekend? The ISPs, ad companies, and anyone who buys your data has no way of knowing that.
Do your visitors (and yourself) a favor: enable SSL today.
[1] There may be some old hosts that still try to upsell SSL, but any modern and competitive host like our own Food Blogger Hosting or Studiopress Sites should offer this free.
