HTTP vs. HTTPS: It’s Time to Go Secure
Back in late 2014, Google officially announced that HTTPS would now be considered a ranking signal by their search algorithm. Since then, the internet as a whole has slowly and reluctantly begun transitioning away from the standard HTTP and onto the more secure application layer protocol.
If you haven’t started this transition yourself, it’s time to stop dragging your feet.
HTTP is No Longer Considered Neutral
Google announced on its security blog that Chrome will no longer mark HTTP sites with a neutral icon. HTTP sites will soon be flagged with the following “Not Secure” marker:
In fact, we already see this in Chrome on WordPress websites.
The last thing you want your website visitors to see is a big red warning stating that their presence on your website isn’t secure. This would cause them to lose trust in you and your business.
More important than losing your trust factor is the fact that your users really are more secure on an HTTPS connection.
Why is HTTPS More Secure than HTTP?
HTTP is insecure because it does not encrypt the transfer of data. If your site is HTTP, someone can intercept a user’s data and change it before it reaches them. A hacker could use this to fool a web browser and capture the user’s information.
HTTPS is essentially the exact same thing as HTTP, except that if works in conjunction with SSL or the newer TLS to transport data safely from the user’s web browser to the server. This is what Google really cares about.
Speaking in more technical terms, data over HTTPS is secured through Transport Layer Security Protocol (TLS). This provides three different layers of protection:
- Encryption. The data that being exchanged is kept secure.
- Data Integrity. Data can’t be modified or corrupted during the transfer without detection.
- Authentication. Your users are guaranteed to communicate with the intended website.
SEO Benefits of Going HTTPS
The SEO benefits of going HTTPS are almost as good as the added security:
- Increased Rankings. When it first happened in 2014 and 2015, the general consensus was that only one percent of all search queries globally were affected by the ranking signal. However, Google is increasing their devotion toward encrypting everything on the web, and this ranking signal will only increase over time.
- Referrer Data. Data passed over HTTPS is secured and retained from one referrer to another, whereas HTTP doesn’t remember any data. This data is reported in Google Analytics and allows you to track and better understand referrer and direct traffic.
- User Confidence. Visitors feel more confident in your website, which means they may be more likely to click, stay, and come back. If they see a red signal in their browser because your site isn’t secure, they may bounce or even never come back. Increased bounce rates back to SERPs can hurt your SEO.
The Costs of Going Secure
Depending on your hosting provider, obtaining an SSL certificate can be inexpensive or even free. The certificate itself used to cost quite a bit of money relative to the cost of hosting, but there are many organizations out there now dedicated to making the transition free for all websites. Due to this movement, many major providers and platforms (like WHM) can now generate basic certificates for free.
The biggest cost associated with going HTTPS is the labor involved with making sure that the certificate is implemented correctly. Your SEO team will need to ensure that all elements on the page are pointing to or redirecting properly to HTTPS. After the entire website is converted, you will need to convert your Google Analytics tracking and Search Console to HTTPS as well.
There has never been a better time to make the change from HTTP to HTTPS. Certificates are free, IT professionals understand how to transition your site better now than ever, SEO signals for HTTPS are strengthening, and users are demanding more security.
If you have any questions about making the change to HTTPS, don’t hesitate to contact us. We’re here to help!