If you’ve been delaying the switch from HTTP to HTTPS, it’s time to get on the ball complete your HTTPS migration. Google is making SSL compliance mandatory – not just for search engine optimization, but also to maintain your site’s credibility among Google Chrome users.
Google Sets July 2018 HTTPS Migration Deadline for All Websites
Encrypted transmissions have long been used by businesses that transfer sensitive financial and health information. Now, HTTPS compliance will become a major part of both SEO and user experience. Google will start flagging non-HTTPS sites as security risks in release 68 of its flagship Web browser Chrome, anticipated to be ready for the public in July.
Web users will still have the option of interacting with non-HTTPS websites as normal: They won’t receive a “dangerous or deceptive site” warning, for example. However, sites not using SSL will be penalized with a “Not Secure” label prominently displayed by the user’s URL bar.
On top of that, sites that lag behind in security compliance might suffer in search rankings.
Security is Already an SEO Ranking Factor – Now, It’s Bigger Than Ever
Google announced SSL as a ranking signal back in 2014.
At that time, relatively few webmasters knew how to setup SSL. Some sites explored the use of fancy DNS tricks and redirect chains (using 301 redirects) to maintain the appearance of tight security for key content and subdomains.
However, most webmasters had no plans to get on board with SSL.
In the years since, major security vulnerabilities – such as Heartbleed, which directly affected SSL implementation – have put security front and center as a business concern. Search engines are getting wise to how security affects user perception and others may follow Google’s lead.
As a result, SSL has seen tremendous growth: Currently, experts estimate that about half the Web uses encryption. Anyone who has checked their Google Search Console and done a little reading between the lines can tell that the benefits are already being felt.
SSL provides all the following advantages to SEO-savvy brands:
Valuable Referrer Data
Traffic moving from HTTPS to non-SSL connections loses all its referral data, presenting as “direct” traffic in Web analytics suites. With SSL implementation, secure referral data is preserved, helping clarify traffic attribution and focus on the best traffic sources for your site.
Direct Ranking Influence
SEO aficionados have estimated that Google’s search results algorithm considers something in the neighborhood of 200 distinct ranking signals. SSL probably has only a mild influence for now, but its absence could start to translate into noticeable penalties after July.
The average Web user is becoming more alert to security. Even if they don’t understand all the details, many people look for the handy “lock” icon. Since Chrome – the #1 browser, with 44.5% market share – will be making it more obvious, SSL will give users greater confidence in a site.
The HTTPS Migration Checklist SEO Experts Need to Have
Implementing SSL can be a complex process with a number of QA steps. Even though a new generation of SSL certificate vendors is emerging to put encryption within reach of smaller Web brands, it’s still essential to follow HTTP migration steps carefully.
A simple oversight could completely negate your efforts to use SSL.
Here’s a brief HTTPS migration checklist SEO leaders can use to outline the key steps:
- Configure and test your security certificate.
- Register both the HTTP and HTTPS versions of your domain in Google Search Console.
- Ensure your rank tracking software is updated to monitor changes to HTTPS domains.
- Identify the top pages and queries that attract traffic to your current HTTP website.
- Crawl the HTTP site to identify and resolve broken links and other structural issues.
- Change, update, and test links, ensuring all resources point to new HTTPS URLs.
- Update the canonical tags to ensure absolute URLs all utilize HTTPS consistently.
- Ensure current rewrites and redirects influencing URLs are implemented in HTTPS.
- Write and test 301 redirect rules to serve all existing HTTP domain content in HTTPS.
- Generate an XML sitemap with HTTPS URLs to upload to Google Search Console.
- Develop a new robots.txt to be deployed on the HTTPS domain when it is launched.
- Prepare necessary adjustments to all advertisements, email, and affiliate campaigns.
- If you’ve used Google Disavow Tool, prepare to resubmit updated URLs if needed.
- Adjust Search Console geo-targeting to use new URLs if you’re migrating a gTLD.
- If you manage URL parameters through Google Search Console, update them now.
- If using a content delivery network, verify your vendor can serve your HTTPS site.
- Verify the functionality of served ads code, third-party extensions, and social plugins.
- Update your Web analytics configuration to capture data from the HTTPS website.
Need to find out more? Contact our team with your questions or comments!