SSL to rank better in 2017

Google has been actively endorsing SSL certification since 2014. In their official webmasters blog titled, “HTTPS as a ranking signal”, which was published in August 2014, they had recommended HTTPS encryption for all. The blog also states that, “Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default…”, adding further that, “For these reasons, over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms…” This made it clear that websites with SSL certificate will have an advantage for SEO ranking. In 2015, Google’s Gary Illes made a statement that “HTTPS May Break Ties Between Two Equal Search Results” This pushed a lot of digital marketers towards SSL products and towards switching form HTTP toHTTPS. 

Again in 2016, Google announced that “Beginning in January 2017 (Chrome 56), we’ll mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure”. This essentially means if your website is not SSL certified, Chrome users will get a notification that they are on a “non-secure” website – this can negatively impact your business and customer perception. According to Google, “A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS usage is consistently increasing. We recently hit a milestone with more than half of Chrome desktop page loads now served over HTTPS. In addition, since the time we released our HTTPS report in February, 12 more of the top 100 websites have changed their serving default from HTTP to HTTPS.” This can be validated by looking at of 2017, a growing number of websites are SSL validated and are winning their customers’ trust. Many examples of websites that moved have noticed that their keyword ranking and their overall page visibility has increased significantly. It is thus evident that 2017 will be the year of HTTPS and SSL certifications. SSL certifications have managed to change the internet forever.

Google terming a website “not secure” does not necessary mean the site is blocked but it will certainly put a question mark in the users mind if they should be viewing this site or should they exchange any information either with the site or through the site. Chances are the user may plainly prefer to avoid using these sites. This makes it imperative for organizations or websites to have the SSL certification to conduct business and maintain consumer trust.

Popular open-source Content Managements Systems (CMS) like WordPress also wants websites to move towards SSL. In their blog dated December 2016, they have clearly stated that, “First, early in 2017, we will only promote hosting partners that provide a SSL certificate by default in their accounts. Later we will begin to assess which features, such as API authentication, would benefit the most from SSL and make them only enabled when SSL is there”. Other popular CMS may also follow suit making it absolutely necessary for website to get SSL validation.

Many theories also suggest that not all users pay attention to the lock on their chrome bar and proceed browsing the website that has been flagged unsafe by Chrome. Moreover, it is just chrome that is tagging an HTTP site as unsafe other browsers do not have any such restrictions. Chances are that in the near future they will follow suit and may even block websites. Sooner or later websites will have to migrate to a HTTPS website or get the SSL certification. 

Switching from HTTP to HTTPS

In today’s connected world consumers are overwhelmingly looking for security. They very well know and understand that a breach with one device can infect other connected devices. This also makes them conscious of accessing only those links that ensure cyber-security. Organizations too are rapidly embracing cyber-security to ensure their business data, consumer data and a consumer’s faith in their organization are protected from cybercrimes. For organizations it is not just a matter of business continuity but a matter of survival. 

 

To ensure data protection and to restore faith in consumers’ mind, a growing number of organizations are getting Secure Sockets Layer (SSL) to their domains. Though symbolic of moving from HTTP (or Hyper Text Transfer Protocol) to HTTPS (or HTTP Secure), SSL is a standard security technology that enables organizations to establish an encrypted link between a web server and a client. This makes it impossible for attackers to intercept the data flow (between a web server and a client) and use the information. SSL is an absolute necessity for e-commerce or for organizations that collect sensitive data. 

There are numerous benefits of switching to HTTPS. Web-search giant, Google has been explicitly endorsing the move as they believe HTTPS protects the domain from “eavesdroppers” thus protecting information about the user’s browsing activities. Google in its HTTPS website migration guide has clearly stated that data sent using HTTPS is secured via Transport Layer Security protocol (TLS), thus the data cannot be altered or rerouted without being detected. Google’s open endorsement to HTTPS website also shows their preference and is evident in their listing of search results – HTTPS sites are ranked higher than others. Switching to HTTPS may thus give you a small boost in ranking today and possibly a larger boost in the future. 

Switching from HTTP to HTTP is easy and cost effective considering the business benefits it gives. To have a HTTPS domain you have to first get an SSL certification either from your hosting company or from a third party website. But before you go buy, you have to decide on what exactly you would want to be SSL validated – Domain validation (this covers encryption only), Organizational validation (a bit costlier than domain validation but includes Authentication in its coverage), and finally Extended Validation (it ensures best security and is a must for Banks and eCommerce businesses). 

In most cases the SSL certification vendor also helps portals to install validations; it best to enquire this before buying from the vendor. Once this is over, you need to create a link map of your sites and redirections. This can be a time consuming step and depends on the complexity of your website. Ensure to update your internal links too. The images, stylesheets and scripts also need to be updated with the HTTPS tag just to ensure that all files used on your site have the https link. 

A freshly created HTTPS link may not show Google traffic, this is because Google still only recognizes the HTTP site. To overcome this, you need to re-add the new website to Google Webmaster Tool and submit the new site map as well in the listings. A quick test should throw bugs that can be fixed to ensure traffic.

Switching from HTTP to HTTPS can be a daunting task for new companies; however, the merits are limitless. It is best to get an expert on board to help you with the transition. This will allow you to focus on your core activities while getting an SSL certified domain in the market that is trustworthy in your consumers’ mind.