You need to secure your website with ssl https NOW, here’s why
In the past, it was ok to have http only as long as you didn’t have any online transactions or user information being transferred to your website.
We have always known that we needed to secure our websites with SSL certificates and use https protocol instead of just http, but we had no compelling reason to do so PLUS the SSL certificates were quite expensive back then!
Recently, the 2 main leading browsers Google Chrome and Microsoft Edge, started to push aggressive user warnings related to security, so when your website visitor lands on your http page they will get a browser notification telling them “this website is not secure!” In some cases I have also seen alerts from my anti-virus too, it would totally block access to the “insecure website” or page and ask me to manually override by clicking “yes I am aware of the risk” to proceed to the “unsafe site”! Something I believe many users and visitors will be scared to do!
All those nags will definitely shake the user’s trust in your website, and you don’t want that! Do you?
The good news is that installing and configuring an SSL certificate to work with WordPress is not a difficult thing to do, and the certificates are much cheaper now than before, you can buy them from your hosting provider or from NameCheap Update: (Nov.2018) most good hosting companies now provide a free (shared) SSL with your hosting plan or a discounted one that is customizable (not shared) that is specific for e-commerce.
NOW it is the best time to secure your website with ssl!