HTTPS: Why Security is an Important Part of Your Site's SEO Strategy
Let's start with the basics. What the heck is HTTPS / SSL and how does it all work?
Below is a short video that we put together that should help explain it in plain English (along with pictures...the pictures help).
Okay, now that we are all on the same page, let's look at why HTTPS is important to you.
Google recently announced that it will be prioritizing encrypted websites in search results. Until recently, Google indexed HTTP and HTTPS pages as if they were two separate sites -- that's why you'd often find home pages featuring HTTP protocol, and the S only added when the user was prompted to sign in or add personal (re: credit card) information. To maximize SEO juice, some companies that used HTTPS then performed an additional step of forcing a redirect to HTTP.
To consider HTTPS ranking as just an SEO strategy is to miss a much larger benefit of adopting HTTPS protocol for your entire website. While Google acknowledges that the HTTPS protocol won't carry the same weight as keyword rich, content specific efforts, the decision does come with a more powerful side effect. The update is intended to encourage more widespread adoption of secure encryption to protect viewer information across more sites, even on open, non-login pages. The ultimate end result is a safer web experience that also happens to elevate the profile of participating websites in user search queries. And those larger companies will no longer have to maintain duplicate content on HTTP and HTTPS pages.
HTTPS ranking is valuable for small businesses, especially when used in conjunction with other SEO efforts like responsive design and keyword targets. As major data breaches fill the headlines, consumers must feel confident about browsing your site, submitting forms or sharing their personal and/or credit card information. HTTPS for your entire site is a strategic first step.
Secure encryption does require a bit of additional initial administration and maintenance throughout the lifespan of your domain. Your site administrator, should buy and activate the SSL Certificate that confirms your domain's secure encryption by linking it to your organization. The SSL Certificate must then be renewed annually. Keeping your SSL certificate up to date is important for ensuring a seamless browsing experience for visitors. A visitor to a website with an expired SSL Certificate will be presented with an alert pop-up.
While browsing on a secure HTTPS site can provide confidence to site visitors that they are on a safe and reputable site, an alert pop-up can have the exact opposite effect by causing confusion or even concern that 'something's wrong' which may result in a visitor abandoning their session. And that is pretty much the worst possible scenario -- your site lands a visitor thanks to great content, strict organic SEO best practices, and standard compliant code; then your eager visitor gets scared away by an intimidating browser warning before even getting to page one.
That's like having your an advertising campaign for a new premier product bring someone all the way onto your showroom floor only to have Frankenstein come out and try to close the deal. Can you hear your customer's wheels screeching in the parking lot? Not quite the welcoming experience any business is looking for.
And it's not just small companies that overlook SSL Certificate renewals -- we came across this alert while logging into Hotmail while researching this post!
Is this making you feel warm, fuzzy and safe?
So, let's summarize:
HTTPS = good. Smart for overall web security and now good for your SEO rank.
Ignoring your SSL Certificate expiration = danger, danger, danger. Don't let a simple oversight be the dealbreaker that sends your visitors packing after they've made it all the way to your front door.