HTTPS is Not Optional
HTTPS is the secure variant of the HTTP protocol. It creates secure connections by providing authentication and encryption between a browser and website. HTTPS protects the security and data integrity for both your website and your visitors' personal information.
Sites not running under HTTPS are penalized with poor SEO results in Google and alarming user experiences for visitors. Google Chrome will soon show a “Not secure” warning for all non-HTTPS websites. Firefox already displays a grey lock icon with a red strike-through in the address bar for non-HTTPS sites. The web has standardized on HTTPS, it is no longer an option.
Pantheon is the only hosting platform to include fully managed and free HTTPS certificates for all hosting plans. We obtain, deploy, and manage high grade TLS 1.2 encryption certificates for all of your sites.
Goodbye SSL Certificate Lifecycle Management
“Cert management” was not a part of your job description for a reason—it’s tedious, time consuming, and not a good use of development hours. Through our partnership with Let's Encrypt and the magic of our Global CDN configuration, Pantheon can now completely automate and manage the certificate hosting and renewal process..
Most hosting providers require you to terminate HTTPS in their datacenter, and some “free HTTPS” CDNs will only encrypt the front half of your traffic. With Pantheon, HTTPS is terminated on our edge layer so encryption of sensitive information happens as quickly and close to your sites’ visitors as humanly possible. We guarantee end-to-end HTTPS integrity, from the Global CDN edge to the PHP container on our platform—there are no air gaps.