It has been nearly two months since Google announced that they will now use HTTPS as a ranking signal. The news came as a big surprise for SEO analysts, because it rarely happens that Google states a new ranking factor in quite clear and plain terms.
As the announcement has been made and the necessity of a good webpage ranking cannot be denied, it becomes vital for us to review all of the factorsthat are interconnected with the transition that websites will face when they modify their URLs from http to https. One of these factors is SSL or the security certificate issued to HTTPS connections; and is discussed below in detail.
What Is SSL?
If a site’s URL begins with HTTP, it means that the page is in standard security mode and all of the data entered by the website users, in any form on the website (for e.g.; within a registration form), will be transferred online via an unprotected connection. The drawback of an unsecured connection is that hackers can gain easy access to your personal data during its transfer.
On the other hand, when using an HTTPS protocol; all data, including the code of the page, will be transmitted in a two-way mode that secures your data. This occurs because of using SSL – Secure Sockets Layer, which provides extra data security. However, it is important to understand that by using SSL, you do not encrypt the website itself, but rather, you encrypt the connection.
How Can You Choose The Right SSL?
Every website obtains a security certificate when it enables HTTPS. This certificate is issued by a certificate authority (CA) and here is what you should keep in mind when you decide to choose your site certificate:
Decide the kind of certificate you need, as you can choose from six different types that are available.
Types of Security Certificates
The different types of security certificates that you can avail for your website are as follows:
1) Shared Certificates are those where you must use the server name in the URL instead of your own domain name. The benefit of this certificate is that it is provided free of cost via most shared and reseller web hosting plans. This allows you to enjoy the encryption that SSL provides, without purchasing your own SSL Certificate. On the other hand, this type of certificate is not fit for e-commerce sites, as your customers will expect your domain to have its own private SSL certificate.
2) Domain Validated Certificates are appropriate for sites, which deal with large amounts of money or confidential information; the disclosure of which could result in material costs for both, the site owner as well as the user.
3) Company Validated Certificates are similar to Domain Validated Certificates. However, this type of certificate also requires additional documentation to certify your company’s identity.
4) Extended Validation Certificates (EV SSL) include benefits both, from the Domain Validated Certificate and the Company Validated Certificate. This means that the website users can rely on your company’s identity as well as, on the secure connection. The distinguishing feature of EV SSL is the green HTTPS address bar.5) Wildcard SSL Certificates are used to originate a secure connection with many dynamic sub-domains. However, the sub-domains must have the same second-level domain name.6) Multi-Domain Certificates can secure multiple domains at the same time. The second-level domains can also be different from the main domain name.Changing the protocol from HTTP to HTTPS is a task for the programmer, but here, we are interested in a completely different side of this transition; namely, how it will affect the site’s position or rank in the search results. For now, Google has only mentioned it as a slight signal to improving your page ranking. Therefore, before making any drastic changes, you should carefully consider the necessity of such a transition.
HTTPS Performance Checklist
If you make an informed decision and switch the site version to HTTPS, here are some of the issues that you may need to consider:
1) Have you used the right URL (HTTP version) in Rel=canonical tags?
2) Haveyoublockedpages fromindexing in the robots.txt?
3) Has HTTPS increasedtheloading timeofthe site?
Thus, to avoid facing these problems, we have used our own expertise, as well as information from Matt Cutts in his Google Webmaster Central Blog; to identify key verification points, which can ensure that using HTTPS does not have a negative influence on your site’s position. These verification points will help you in answering the questions that were asked above and are mentioned in the checklist below:
- 301 Redirect. Use 301 redirects only. You must redirect all URL HTTP to HTTPS.
- Site map.Update your site map and add it to the website with the help of the tools developed for Google Webmasters. However, you should not delete the older version of the site map for at least, the next 30 days; as it is necessary to give time to the search engines to index 301 redirects.
- Tag rel = canonical. Ensure that all of your canonicals are pointing at the HTTPS version of the URL.
- Robots.txt. Update the file robots.txt. Do not block the HTTPS version in the robots.txt, as it will help you to avoid crawling issues.
- Site performance. Every element of your site should be addressed using HTTPS; including CSS, JS, images, videos, etc.
- Use a relative URL. A relative URL does not contain any protocol information. Thus, relative URLs are shorter, and therefore, more convenient to use.
- HSTS. Check whether you are using HSTS. This mechanism increases the security of the connection and the speed of the loading pages. It also allows you to avoid inaccurate redirects.
- Internal linking. You must change your website links so that they point to the HTTPS version of the URL.
- Tools for analysis.Make sure that the Google Webmaster tools are set up for the HTTPS version, and check that you are using the latest version of the tracking code in Google Analytics.
If you decide to follow through with the transition from HTTP to HTTPS, you should measure your efforts against your benefits before moving forward. Additionally, you should also consider that the increase in ranking positions might be relatively small as compare to the changes that will be made.
Remember that it is more important to get the basics right, rather than focusing on minor details; because in order to implement SSL from a ranking factor perspective, you will have to spend plenty of resources, and give a lot of your time to plan and implement the change. Consider that you could put this time to better use, implementing widely known methods for optimizing your website instead. However, if you still decide to change your site version to a more secure one; estimate the costs beforehand and plan your resources accordingly.
Finally, even though for now, Google has reported that the HTTPS transition has an impact of less than 1% on global queries, all website owners should understand and be motivated to switch from HTTP to HTTPS. This change will make our website users more confident as we will be able to provide them a safer Internet browsing experience. Thus, it is strongly recommended that a website owner, you pay high attention to Google’s big announcement and take the steps recommended to implement it on your site.