Over the past year, there’s been plenty of chatter in the SEO industry about securing your website with HTTPS and its impact on search. While there’s still some debate over whether it’s worth the time and effort to transition an existing site to HTTPS for the sole purpose of SEO, most would agree that it’s best practice for all new sites to consider implementing HTTPS before launch. After all, Google’s already made it very clear that HTTPS is indeed a real ranking factor.
Before we dive further into how to properly set up your HTTPS site for SEO, here’s some background to help you get started.
What is HTTPS?
HTTPS (Hyper Text Transfer Protocol Secure) is a protocol that works to ensure secure data communication across the web. In other words, HTTPS ensures that all communications and information transferring between browsers and websites are encrypted and protected from hackers or “middle men.”
Why does HTTPS matter for search?
Not only is HTTPS an official Google ranking signal, but reports have shown that about half of page 1 search results now serve HTTPS pages – a statistic that will likely continue to trend upward over the next few years. And if that’s not enough, there’s no question that HTTPS is an important user trust signal as well.
Capitalizing on the SEO benefits of HTTPS
Now that you have a better idea of what HTTPS is and why it’s important for SEO, let’s take a closer look at how to properly implement it with SEO in mind. In order to create an ideal HTTPS setup for organic search, we recommend prioritizing the following items.
Choosing an SSL certificate
First and foremost, make sure you work closely with your host provider and choose an SSL certificate that best matches the unique needs of your website. The three most popular types of SSL certificates include:
- Extended Validation (EV) – This SSL type is popular among larger websites like Twitter, Amazon, banks, ecommerce sites, etc. where protecting user data and personal information is a vital function.
- Organization Validation (OV) – Also a popular choice in the ecommerce world, the OV SSL certificate can usually be issued within 24 hours and verifies that your site is a registered government entity.
- Domain Validation (DV) – Of the three SSL types mentioned here, this one offers the lowest level of encryption and is commonly used with internal sites, testing sites and non-ecommerce sites that aren’t focused on collecting personal user information.
While these three options have their differences, all three are designed to protect and build user trust.
301 Redirect non-HTTPS pages to HTTPS counterparts
If you’re transitioning an old site over to HTTPS, then this will be one of the most important steps in the transition process. Improper redirects are often the most common and most problematic SEO issues that arise during an HTTP to HTTPS transition. Crawl, recrawl and crawl again to ensure the redirect paths of all pages and subpages are working correctly.
More importantly, redirecting non-HTTPS pages will help consolidate page authority and prevent duplicate content issues down the road.
Ensure all internal links point to HTTPS pages
Unless you’ve been linking to other pages on your site using relative URLs, chances are you’ll have to manually update internal links that are directing juice toward non-HTTPS pages. Once you address the step above, these outdated links should eventually lead to redirects, however, it’s still best practice to update any lingering links that point to non-HTTPS pages internally.
Mixed content
Ideally, all instances of insecure content (images, stylesheets, scripts, etc.) should be updated using the secure protocol. Otherwise, your site will be telling browsers that mixed content (HTTP and HTTPS content) is being displayed. This weakens the security of the entire site and warns users that the site is not fully secure.
If you’ve already switched to HTTPS and noticed that you’re missing the green SSL padlock, mixed content is probably your issue.
While switching to HTTPS isn’t going to automatically boost your pages to the top of page 1, Google’s treatment of HTTPS vs. HTTP URLs is more than a short-term algorithm test.
Focusing on the items outlined above will help lead you down the right path toward an SEO-friendly HTTPS set up, but remember, every case is different. Follow your instincts and prioritize as needed. For more information on securing your site with HTTPS, refer to Google’s provided guidelines.