Table of Contents: http or https | Why You Should Care About https for SEO
- Consider Upgrading Your Security Using https
- How Do You Recognize a Secure Website?
- http or https – What’s the Difference?
- How Can You Make Your Website More Secure?
- How Could Converting from http to https affect your website’s SERP Standing?
- Is https the Future Standard of the Internet?
Does your website’s address start with http or https? You may not realize the impact this might have on your website’s rankings on the search engines.
Let’s say you have a great looking website with relevant content, catchy headlines, and a good balance of up-to-date information combined with the right number of key words to keep the search engines happy.
Don’t get too comfortable.
Perhaps you’ve also stayed informed on SEO trends, and you’re keeping your site “fast and fresh”.
You’re still forgetting something. What?
What more should you be doing to keep up with Google’s constantly evolving algorithm? Here’s the deal:
Consider Upgrading Your Security Using https
With hacking and security leaks in both government and military web communications making spicy news headlines, there is a lot more concern among Internet users regarding security.
More security protects users’ confidential information, whether it be credit card details, bank data or simply personal browsing history.
It should come as no surprise to anybody that Google has also professed a growing preference for secure websites, and they’ve added encryption, certification, and authenticity to their over 200 Ranking Signals.
Therefore, it absolutely makes good sense to evaluate your website’s security and find out how you can offer first-time visitors, potential clients, and your existing customers a safer experience.
How Do You Recognize a Secure Website? Look for http or https
Every website URL or webpage address represents an access point on the worldwide web (WWW). This address consists of two parts:
- The protocol used to transmit data between communicating parties (the client and the server), and
- The actual name of the website: example http://www.website name.com.
The protocol developed to transmit data – and currently still the most commonly used on the WWW – is designated in the address as http, which stands for HyperText Transfer Protocol.
Technically, it is an information exchange procedure standard.
Think of the protocol as the “rules and regulations” or the “translator” that makes the exchange of data between client and server possible.
http is part of a larger family of protocols created to support the entire Internet called TCP/IP. As a subset, http’s responsibility is the World Wide Web (WWW). When you type a search without the http the browser will assume http as it must have a protocol.
When you see a URL or webpage using the protocol https (note the “s” for security) rather than http it means that information and data exchanged between user and server will have a higher level of security because there is a protocol encrypting the data plus a protocol preventing corruption or modification during transmission of data.
https is sometimes referred to as “http over SSL” because https works in conjunction with the protocol SSL (Secure Sockets Layer) to transport data securely. https also works with the protocol TSL (Transport Layer Security) to prevent corruption of the data during transport.
If you want to get even more technical, check out what Google is telling webmasters in their Best Practices regarding the three levels of protection offered by enabling https.
All you really need to understand as a website owner is that an https secure site will provide a safer user experience and lead to a higher ranking of your website, … but, ONLY if the switch is made after taking into careful consideration the specific nature of each page of your website.
http or https – What’s the Difference?
http is referred to as a “stateless” protocol, as is IP (Internet Protocol) – the foundation for the Internet. This means that the connection between the browser and the server is lost once the transaction ends. Each request is an independent transaction that is unrelated to any previous request. You can think of this communication flow as DIRECT.
http also sends the data across the web in plain text without encrypting it so it is much easier for someone to find, hack or corrupt while being transmitted.
Don’t panic, though; there’s nothing negative about a stateless protocol. However, if your website requires the storage and transmission of personal or confidential information it does not have the level of protection to safeguard this data that a secure protocol – https – provides.
Simply stated, https is a secure version of http. It’s an http channel that encrypts all the information being exchanged, effectively making the transfer of confidential information secure from eavesdropping. You can think of this communication flow as INDIRECT as the data will be encrypted for transmission and then unencrypted upon arrival.
https doesn’t just protect the data transmitted, it also ensures that the user is in fact connected to a legitimate site and not to an imposter one. This is important because hackers and scammers use the tactic of setting up a fake version of a normally trusted website to lure in unsuspecting users.
Browsers (Internet Explorer, Firefox, Opera, Chrome, Safari, et al) can determine the level of security of a website URL or website page address. As a service to their clients, they are increasingly letting users know what is the security status of every URL or webpage being searched. Each browser uses its own icons or identity buttons, using colors, Xs, and padlock icons in front of the address in the search window. By recognizing the colors, Xs, and padlock icons you can determine how secure a website is before entering or using it.
If your website was created using the http protocol, and you have security concerns, you should seriously consider converting it to https.
Even if you don’t regularly send and receive confidential or sensitive information on your website, you would be wise to convert to https sooner rather than later to enhance the reputation and integrity of your website and not risk getting a red X padlock on your URL at some near future date.
How Can You Make Your Website More Secure?
Well, by simply changing the protocol. That is, however, easier said than done. Unless you have a strong IP background this is a task better left to an SEO expert who can evaluate every page of your website and convert http to https without harming other ranking factors.
Enabling https involves obtaining certification, and a qualified webmaster or SEO expert can determine what type of certificate best serves your website’s needs.
There are several factors to consider when converting http to https and for optimizing your website once it is converted; some straightforward and some requiring technical advice and assistance:
- Loading times: To maintain maximum loading speed, you may want to secure only the pages that transmit sensitive data and leave Introduction, About Us or Contact pages as http.
- txt.file: Be sure to let Google bots know which pages should be crawled and indexed.
- Files: Keep image and content files within https protocols to avoid popups and spam.
- Certification: Obtain a certificate from a reputable SSL certificate provider and keep it updated.
- http versions: Make sure that the pages not converted to https, usually those full of content that is NOT sensitive, are properly set to http and are still being linked through guest postings and other optimization techniques.
How Much Could Converting from http to https Affect Your Website’s SERP Standing?
Google let it be known some time ago that converting to https could result in a minor ranking boost. While quality content will always carry more weight in ranking, security is fast becoming a significant ranking factor. And, while Google is not currently penalizing websites that are not https, they are firmly committed to global Internet security so the trend is towards favoring secure sites over non-secure sites.
For example, Google’s Chrome browser will eventually display a red X on a padlock in the address bar for all pages without correct HTTP setup, which means in a search your website could appear corrupted or suspicious even it isn’t.
Chrome shows an icon of a white page when a website is not secured with https, a green locked padlock when it is, and a red X on a padlock when there’s something wrong with the https page being accessed.
Other browsers, such as Mozilla’s Firefox, quickly followed Google’s lead.
|Firefox (Mozilla) Identity Buttons
Green Padlock: This is a legitimate website, not a fake, it’s using a secure protocol, and the transmission is encrypted to protect confidential or sensitive information.
Green Padlock with Grey Warning: This is a secure website; however, Firefox has blocked some insecure content so it may not display correctly.
Grey Padlock with Yellow Warning: The connection between Firefox and the website is only partially encrypted so don’t send confidential or sensitive information to this site.
Grey with Red Strikethrough: The connection between Firefox and this website is only partially encrypted and is not protected against eavesdropping. Don’t send confidential or sensitive information.
These displays won’t affect your SERP (search engine results pages), but are in effect another form of ranking that will scare away visitors regardless of whether your website handles confidential information or not.
In September 2016, Brian Dean, SEO expert and founder of Backlinko, published research after analyzing one million search results and stated,” HTTPS had a reasonably strong correlation with first page Google rankings. This wasn’t surprising as Google has confirmed HTTPS as a ranking signal.” (source])
If you are about to set up a new website, there appears to be a consensus of opinion among webmasters and SEO experts that it should be an https secure website from the start.
Converting your existing website from http to https now and getting ahead of the trend can only benefit your website’s visibility and reputation.
As you can probably see by now, there is no downside, with a recommendation that the switch be made by an IT professional, preferably an SEO specialist, so that all your ranking factors are safeguarded when the technical changes are made.
Is https the Future Standard of the Internet?
Switching to https is a serious undertaking, and for a very large website or one handling large amounts of sensitive or confidential information, could be costly. There is every indication, however, that the move to a worldwide secure Internet is inevitable and in the not-too-distant future https enabled websites will be the norm or even mandatory.
Encrypt All the Things, an initiative of Access, an international human rights organization dedicated to “defending and extending the digital rights of users at risk around the world”, promotes universal Internet encryption and encourages large organizations to support the move.
|Google has made it increasingly clear where they stand: “… that the web of the future should all be encrypted, and all sites should be served over https”. (source)|
As the owner of a personal website or a commercial website, your immediate concern is to be visible in the rankings and easily accessible, and then to provide a satisfying experience for everyone entering your website so that your conversion rate (browser converted to customer) remains high.
Currently, providing a secure website experience is fast becoming also a desired … or even a demanded … attribute of a successful website.
In February 2016, Christoph Engelhardt, of LinksSpy, published their analysis of the https settings of 10,000 domains and how it affected their SEO. He found that over 90% of the top websites had sub-optimal https implementation, and 60% of the websites they tested had no https at all. Only 1 in 10 had what his group considered flawless https. He concluded that, “HTTPS correlates with higher search rankings – but even the big websites don’t get it right.” (source)
These figures have no doubt significantly improved in the year since then, and the top browsers are in fact evaluating websites and rating them very publicly, as evidenced by what we see in every Internet search we make.
If you haven’t noticed those color codes, padlocks and Xs yet, it’s time you did. It’s time you evaluated your website’s security and recognized this as a golden opportunity to get ahead of your competitors’ websites as they may not yet be aware of this important trend.
Converting your website from http to https is also the perfect opportunity to review and improve your SEO and SEM (search engine optimization) and improve your website’s SERP (search engine results pages).