It's rare that Google reveals any of its actual ranking factors, so it came as a big surprise when representatives announced they would reward sites using HTTPS encryption with a boost in search results.
HTTPS isn't like other ranking factors. Implementing it requires complexity, risks, and costs. Webmasters balance this out with benefits that include increased security, better referral data, and a possible boost in rankings.
Google's push for HTTPS adoption appears to be working. A recent Moz Poll found 24% of webmasters planning to make the switch.
SEO advantages of switching to HTTPS
In addition to the security offered by HTTPS (which we'll discuss below) there are additional SEO benefits for marketers to take advantage of.
1. More referrer data
Whenever traffic passes from a secure HTTPS site to a non-secure HTTP site, the referral data gets stripped away. This traffic shows up in your analytics report as 'Direct.' This is a problem because you don't know where the traffic actually comes from.
If you use HTTP, traffic from sites like Hacker News shows up as 'direct', because Hacker News uses HTTPS.
Fortunately, there's a simple solution: when traffic passes to an HTTPS site, the secure referral information is preserved. This holds true whether the original site uses HTTP or HTTPS.
As more and more sites make the switch, this becomes increasingly important.
2. HTTPS as a rankings boost
On one hand, Google has confirmed the ranking boost of HTTPS. On the other hand, with over 200 ranking, it's likely you'll find the effect of any ranking influence to remain quiet small.
In fact, a recent study by Search Metrics showed no detectable advantage to sites using HTTPS.
Like most ranking signals, it is very hard to isolate on its own
3. Security and privacy
Many people argue that HTTPS only provides an advantage if your site uses sensitive passwords. That's not exactly true. Even regular boring content websites can benefit from HTTPS / SSL encryption.
HTTPS adds security in several ways:
- HTTPS verifies that the website is the one the server it is supposed to be talking to,
- Because HTTPS prevents tampering by 3rd parties, it stops Man-in-the-middle attacks, making your site more secure for visitors.
- HTTPS encrypts all communication, including URLs, which protects things like browsing history and credit card numbers.
My advice is this: Make the switch to HTTPS if doing so is reasonable for your business. Security and trust add to the small ranking gains, making it worth the effort if you can.
Challenges to overcome with HTTPS
1. Mistakes happen
Moving your entire site to HTTPS requires many moving parts. It's easy to overlook important details.
- Did you block important URLs in robots.txt?
- Did you point your canonical tags at the wrong (HTTP) URL?
- Is your website causing browser bars to display warnings that frighten people away from your site? (Side note: That's the very first article I wrote for SEOmoz!)
While rare, these problems do happen. Moz has spoken privately with webmasters who have seen both rankings and conversions plummet after implementing HTTPS.
In most cases it's a simple fix, but beware the risk.
2. Speed issues
Because HTTPS requires extra communication "handshakes" between servers, it has the potential to slow down your website – especially on slower sites.
Add to this the fact that speed is itself a ranking factor, especially on mobile.
The good news is, if you follow best practices your site should be more than fast enough to handle HTTPS. New HTTPS friendly technologies like SPDY offer you the opportunity to speed up your website more than ever before.
3. Costs
Many webmasters pay between $100-200 a year for SSL certificates. That's a significant amount for small websites. It's also a barrier that most spammers won't bother with.
On the other hand, it's completely possible to switch to HTTPS for free.
4. Not everything is ready for HTTPS
Sometimes, things don't play well with HTTPS. Older web applications can have trouble with HTTPS URLs. (Fortunately, Moz updated Open Site Explorer just this year.)
If you run AdSense, you may see your earnings fall significantly, as Google will restrict your ads to those that are SSL-compliant.
Even Google's own Webmaster Tools doesn't yet support HTTPS migration. The world may be moving toward 100% SSL encryption, but in the meantime be prepared for growing pains.
Growing number of sites using HTTPS
Lots and lots of sites use HTTPS today, but most restrict usage to checkout and registration pages.
Very, very few sites use HTTPS sitewide.
According to the latest statistics from BuiltWith, only 4.2% of the top 10,000 websites redirect users to SSL/HTTPS by default. While that number appears small, the percentage drops to 1.9% for the top million sites.
This number is likely to increase in the very near future as more websites pursue adoption.
SEO and HTTPS best practices
This post talks about the SEO implications of switching to HTTPS. If you are looking for a technical guide, there are several we'd recommend:
What type of SSL certificate works best?
Companies offer a myriad and confusing array of SSL certificates. The two primary ones to pay attention to are:
- Standard Validation SSL – Standard level of validation. Typically cost between $0-$100.
- Extended Validation SSL – Offers the highest level of validation and often costs between $100-500.
From a rankings point of view, it makes absolutely no difference what type of certificate you use. For now.
John Mueller of Google has stated that Google doesn't care what kind of SSL certificate your website uses, but that may change in the future.
From both a security and user experience point of view, the type of certificate you choose can have an impact. Consider how different certificates alter how your website appears in the web browser address bar.
The green bar associated with extended certificates communicates trust, while the warning symbols associated with errors can cause worry with visitors.
No comments:
Post a Comment