For most of the year, the web has been buzzing about Google shifting to label sites that don’t use HTTPS as “not secure”. The problem is you can’t simply ask Chrome to disable the not secure warning for your website. The Chrome Not Secure warning will stay till you take action.
What Is HTTPS, Anyway?
HTTPS stands for Hyper Text Transfer Protocol Secure, it’s a variation of the popular HTTP used to transfer web pages across the internet. The difference is that HTTPS adds a layer of security by encrypting the data.
Why Should You Care About HTTPS?
Google has come out and said that sites that are secure will receive a nice little ranking boost!
Google cares deeply about security. They invest a lot in making sure their services, such as Gmail, Drive, and Search use industry leading security. In addition to their own products, they are working hard at helping the internet become a safer and more secure place. They have created resources that help webmasters fix and prevent certain security breaches on their sites, and now by announcing this ranking boost they hope everyone will move their sites over to HTTPS.
Since Chrome Version 62, users will see a Chrome NOT SECURE HTTPS warning when they enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.
If your website has ANY text input forms, such as site search boxes, newsletter subscriptions, login information or credit cards, then you NEED to secure your site.
But advantages aren’t strictly related to security.
Other benefits of HTTPS include:
- Preferred treatment in search engine rankings
- Increased conversion rates
- Potential for faster load times
- Increased viewer trust
However, in October, switching to HTTPS won’t simply be about benefits…
It will be about keeping up with your competition and avoiding a decline in rankings as others make the shift to HTTPS as well.
HTTPS and SEO Google
Does HTTPS improve SEO?
TopRank Blog sums up the situation well, saying,
“If your content is just as good as a competitor’s, but they have HTTPS and you don’t, they’re likely to rank higher on the results page. … If you’re trying to create SEO-optimized content that gets viewed and gets results, not having HTTPS on your site can hamstring your efforts from the start.”
How HTTPS Works
HTTPS uses a secret key to scramble the data going in and out of your website.
Without a key, figuring out what the data actually contains is next to impossible.
This means your visitors can send credit card numbers, addresses, and other sensitive information without worry.
The whole process is seamless for visitors and requires a one-time setup for site owners.
Site owners will need an SSL certificate to verify their identity.
These certificates are obtained from hosting providers or groups known as certificate authorities.
Some hosting providers offer free options while others charge.
Once the certificate is set up, using “HTTPS://” instead of “HTTP://” on any URLs leading to your site will check the certificate and enable encryption.
Visitors will then see a green padlock in their address bar to show the connection is secure.
In the early days of HTTPS, setting this up was complicated…
But today, you can often find a service to complete the changes or use a one-click installer to get up and running (and avoid Google’s red flags) in a matter of hours or days.
Still Not Sure If You Need HTTPS?
Already by the end of 2016, Mozilla showed that more than 50% of pages loaded in their browser used HTTPS.
If your site isn’t using HTTPS, it’s no longer a matter of not adopting a new feature early–you’re part of the minority of sites not using it.
It’s no longer a fancy feature for the tech-savvy, it’s the cornerstone of a professional web presence.
Consider how often you send bank account information, sensitive messages, images of your family or belongings and other personal information across the internet.
How often do you check your Facebook account, Twitter feed or email?
If the sites you’re using aren’t encrypted, each of these moments is an opportunity for people to steal your information as it travels to its destination.
As data breaches and malware continue to make headlines around the world, the public is becoming more security-conscious and aware of what they’re transmitting online.
This impacts who they do business with online as well.
Consider this data from SSL.com:
“… implementing SSL and displaying a secured seal on your site can boost conversion rates by up to 87%. More than 60% of respondents in a 2011 Actual Insights study said they abandoned a cart over lack of security.”
Depending on your hosting provider, you might also see faster load times with HTTPS.
According to Kissmetrics:
- A 1-second delay in page response can result in a 7% reduction in conversions.
- 47% of consumers expect a web page to load in 2 seconds or less.
- 40% of people abandon a website that takes more than 3 seconds to load.
And as competition continues to increase online, even a small advantage can make a big difference.
Better still, benefits don’t end at your site, Google has made it clear that they prefer HTTPS. They’ve even confirmed it’s part of their considerations when determining search engine rankings.
Before you make the decision to move your site over to HTTPS, consider the following:
Secure sites cost money,
- They have to be managed and kept up to date,
- Almost 100% of searches performed will bring up a non HTTPS site, but in those exceptional cases when two search results otherwise equal with respect to quality and content, the HTTPS site might see a slightly higher ranking than the non-HTTPS site.
Google has said that for now, it’s only a light ranking signal that affects fewer than 1% of global queries and it’s far less of a ranking signal in comparison to good quality unique content. Google wants to give webmasters time to switch over their sites, and over time they may decide to strengthen the signal.
If you have content on your site that people will access behind a login, or forms where people will be submitting sensitive material, well then it’s a no-brainer, you should have a secure site and now it may help boost your rankings.
If you have a small website and you are already having a hard time updating on a regular basis, getting your site secured isn’t really going to help much. Focus on other more highly weighted ranking signals like quality content, citations and optimized meta data before you run out and get a secure site.
Some tips to consider if you do make the switch
- Ensure you don’t block your HTTPS site from search engine crawlers in your Robots.txt file,
- Decide which type of security certificate is right for you: single, multi-domain, or wildcard,
- Use 2048-bit key certificates,
- Follow Google’s guidelines on how to move your site’s address.
HTTPS and SSL as a Core Part of the Future Web
As more devices connect to the Internet and more people turn to the Internet to make buying decisions, find products and services and interact with the world, security will continue to grow in importance.
This means site owners will need to remain ahead of the latest tools and techniques in securing their sites as well.
Although switching to HTTPS doesn’t take much time for the average website–and it’s easier than it once was–it’s still a technical process.
Business owners would be wise to contact their site developers or agency partners now and get ahead of the Google Chrome update.
Not only will they avoid the Chrome HTTPS Not Secure tag completely, but they can be at the front of the rush of HTTPS updates sure to hit as more sites realize how the update impacts their rankings, traffic, and sales.
P.S. Let’s play a little game (which might also help us rank better 😜). Try to say this 5x as fast as you can: “HTTP HTTPS SEO HTTP HTTPS Google SEO HTTPS Google HTTPS SEO HTTP SEO HTTP vs HTTPS”
We’re not sure if this will actually improve our ranking, but it’s worth a try!