Google updates its Chrome browser to show a glaring “NOT SECURE” notice on every non-https webpage a user visits. Suddenly conversion rates drop, and business owners are left wondering why their products aren’t selling.
Sounds terrifying, but it will soon become a reality.
Google has confirmed that in July of this year they will be releasing Chrome Update 68. Websites all over the internet will be making a push to migrate from HTTP to HTTPS, and those that don’t will feel their pocketbooks cringe when conversion rate drops.
E-commerce sites aren’t the only sites affected, however. When users see the “Not-Secure” label, they become more prone to pogo-stick away from a website, and as a result, your rankings drop… significantly.
Don’t freak out yet though. This article will be your guide on moving from HTTP to https from start to finish.
What is the Difference Between HTTP and HTTPS?
Think of HTTP and HTTPS as the way the internet transfers data between a website and visitors. HTTP stands for “HyperText Transfer Protocol.” The only difference between HTTP and HTTPS in their acronym is the “S” stands for secure.
To explain things a little easier, both transfer data but HTTPS does so in a secure fashion.
What Makes HTTPS More Secure Than HTTP?
So all you have to do is add an “S” to the end, and everything is okay, right? Wrong. To achieve HTTPS, a website needs an SSL Certificate.
An SSL (Secure Socket Layer) establishes an encrypted link between a website and its visitors to ensure any data transmitted remains safe and untampered with.
Choosing to Ignore HTTPS Migration?
Many website owners around the globe choose to ignore migrating to HTTPS. Whether it’s out of fear of the unknown, lack of resources or misconceptions about HTTPS in general, ignoring an HTTPS migration will only end badly.
Here’s a quick look on what to expect when continuing with HTTPS:
Conversion Rate Drops
In Google’s announcement of the upcoming Chrome update, they included a screenshot including a very obvious *NOT SECURE* marking in the URL bar.
This Not-Secure message can be seen currently across the web, but only when information is inserted into a form. By including this feature as a permanent item, it means more people have the chance to notice it, and more people have the opportunity to leave a website because of it.
The push for HTTPS migration is a force to be reckoned with but for a little insight here is Google’s end goal for warning visitors
No HTTPS Migration, Lower Google Rankings
Since Google seems to be the driving force behind “the secure web,” it only makes sense that Google shows favor to websites using HTTPS. Google's advocacy for security can be seen clearly in the search results when submitting any search query.
“If HTTPS websites don't crowd the results, an HTTPS migration would result in a significant advantage.”
By choosing to remain as HTTP, a site misses out on a simple ranking boost and will lose traffic to its more secure competitors. Don’t let competitors get the edge so quickly.
HTTP Sites Are Vulnerable
None of the information served through HTTP is encrypted which creates an issue… vulnerability.
Without the encryption and security, hackers can access the data between transmission and manipulate transmissions to visitors. After gaining access to the information, hackers can add unwanted adds to a website, steal user information or even change the webpage entirely.
What are the Benefits of Migrating to HTTPS?
After taking a look at all the dangers of staying on HTTP, it’s clear that moving to HTTPS is a no-brainer. But what are the benefits of moving from HTTP to https other than preventing the downsides of HTTP?
HTTP Sites Are Vulnerable
HTTPS, when implemented correctly, results in a secure website. Yes, I know it may seem a little repetitive but trust me… HTTPS is a big deal.
By maintaining a secure website, you can put your worries aside and quit worrying about potential data breaches or “Man in the Middle” Attacks. Not only will a secure site put your mind at ease, but also your visitors.
With this newfound visitor trust, you may also see an increase in website interactions.
Moving from HTTP to HTTPS Improves Rankings
It’s no secret that Google gives a ranking boost to https websites. They have even reinforced that it is a factor in their algorithm.
They play it off as a small factor. But here is the kicker, it’s about to become a HUGE ranking factor.
Every good SEO knows that after the implementation of Google Rankbrain user interactions have become one of the most significant ranking factors. Keeping user interactions in mind, a website that shows “SECURE (with a lock)” is sure to outperform any site that shows “NOT SECURE.”
By migrating to HTTPS and making sure everything is secure, users will help show Google that your site deserves a boost… and Google will listen.
HTTPS Increases Site Speed
Many people worry about moving from HTTP to HTTPS because they heard somewhere through the grapevines that site speed takes a hit in the process.
The rumor of site speed reduction couldn’t be further from the truth.
Don’t believe HTTPS can outperform HTTP? Here’s some proof on how HTTPS can be faster than HTTP.
Increase in Conversion After Switching to HTTPS
No website thrives when a visitor starts asking themselves, “Is my information compromised.” And no one should have to worry about that on the internet.
With HTTPS and an SSL in place, users feel safer and are less prone to question handing over their card information to make a purchase or an email for use remarketing.
Psychology is weird, but something that seems so little can make a big difference.
Consumer trust is everything on the web.
Making the Switch from HTTP to HTTPS (The Right Way)
Telling you that HTTPS Migration is easy would be wrong. There are many crucial steps in the process to ensure correct execution, but the payoff is worth it. Trust me.
Choosing the Right SSL Certificate
Being that the SSL is the source of encryption, it becomes the building block used as the foundation for HTTPS setup. Selecting the right SSL is vital. After all, choosing a deprecated SSL would leave things right where they were at the beginning.
When choosing an SSL for your websites HTTPS Migration, you have two options:
- Buy an SSL
- Get a Free SSL
As long as the SSL Certificate is not outdated or deprecated, the site will remain secure. A free SSL certificate can handle this task efficiently, but there are some benefits of paid SSL certificates that not many people know.
The main reasons why someone may choose a paid SSL over free SSL during their switch from HTTP to HTTPS is for the ability to have the company name in the URL bar or insurance covering data breaches caused by SSL failure.
Finally Changing from HTTP to HTTPS
The reason why so many people tend to fear the switch from HTTP to HTTPS is usually due to the worry of missing a step and seeing traffic drop as a result. Here are all the steps you should make sure to handle when migrating your website.
- Update Internal Links throughout the site Update References to Scripts, Images, and all resources to https
- Update Canonical Tags
- Hreflang tags
- Plugins/Modules/Add-ons Update to ensure nothing breaks
- Update any necessary CMS Specific Settings
- External Scripts need to support HTTPS
- Update Old Redirects
- Crawl the Site
- Update Sitemaps
- Update Robots.txt
- Enable HSTS
- Enable OCSP
- Update all Search Engine Webmaster Tools
- Update Social Accounts
- Monitor Analytics Closely
Common Problems Following HTTPS Migrations
The steps required to migrate a website to HTTPS successfully can be somewhat overwhelming. With stakes being high, it is crucial to approach the migration with a clear head and not to miss any of the prior steps to ensure your traffic follows with after the efforts. Here are some common problems that may follow suit upon improper HTTPS implementation.
Duplicate content can destroy a websites SEO. When Google sees two exact copies of a webpage, it needs clarification. Without any information provided on which one is preferred they sometimes decide not to show either.
Since Google treats HTTP and HTTPS as different URLs, it is critical to verify that your redirects are in place so that the HTTPS variant is what gets shown in Google.
Implementing Changes on the Live Site
HTTPS Migration takes a great deal of work and takes time to complete. If you decide to make the switch to HTTPS on your live site, you are a courageous person and tend to live on the dangerous side. There are better ways to approach migrations.
It’s best to migrate a website on a testing server to help ensure that no steps go missed in the process. Testing servers also make it easier to double check each action to make sure nothing has been lost before deployment, keeping your website healthy and traffic in check.
Don't Block Bots from crawling HTTPS
What many website owners don’t consider is that they may have prevented bots from crawling their HTTPS URLs when they were still on HTTP. That’s fine before the switch but DO NOT forget to fix that during the switch.
Check the robots.txt file and ensure that search bots like Googlebot are allowed to crawl your newly established web pages.
Crawl budget is something you want to keep your eyes out for when it comes to a website’s technical SEO. To make sure that website architecture is up to par avoid redirect chains when switching to HTTPS.
What does that mean?
It means if you had a page redirecting to an HTTP page before the switch you want to fix it to redirect to the HTTPS version now. Since the HTTP pages will be redirected to the HTTPS (if you implemented correctly), users will end up on the right page, but you could be wasting crawl budget and link juice.
For example, say you had “Page A” redirecting to “Page B” before the migration and now “Page B” is redirecting to its “Page C” variant. You’ll want to go back and fix “Page A” to redirect directly to “Page C.”
Loading HTTP Resources
In the HTTPS migration checklist, it’s important to load all resources, internal and external, like HTTPS. Any HTTP information transferring in or out of a website can be a security issue and can prompt the Google Chrome Update’s “Not Secure” message.
HTTPS Migration is Becoming Time Sensitive
With a deadline of July 2018 approaches, making the switch to HTTPS isn’t a race, it’s a sprint. The sooner you get started, the less likely for overlap into July after the update has hit, and the more significant chance to maintain complete customer trust.
It’s critical that none of the steps on the checklist slip through the cracks if maintaining traffic is vital for the website being migrated.
For those who are worried about proper or timely implementation, we offer SEO services and can handle your HTTPS migration ensuring a smooth and beneficial transition into the secure web world.
After all is said and done, and the migration completed, enjoy the increase in traffic and customer trust. Migration is hard work, and you’ve earned it.