Securing Websites with HTTPS & Google SEO

News » Industry News » Securing Websites with HTTPS & Google SEO

In the simplest terms, HTTP Secure (HTTPS) is a way to prevent “eavesdropping” of the activity between your computer and a website or a remote service.  The Chrome web browser marks websites without HTTPS as insecure effective July, 2018.

It is one of the most common approaches to ensuring that the credit card that you type, the social security information that you enter, or any other form of private data that you input into a website page can’t be read by someone “listening on the wire.” Traffic sent over HTTPS can be anything from pure app data to web pages and emails.

SSL Certificates – Trust & Expirations
Without getting into too many technical details, SSL certificates are issued by authorities or authorized organizations that are “trusted” to issue them (a certificate authority or a CA). Instances abound where that trust has been compromised and either via browser or revocation, certificates issued by authorities have been deemed insecure which can enable man-in-the-middle attacks. SSL certificates have expiration dates (typically up to two years from issuance) and in fact if not renewed, can cause connection problems with websites, email, and other services. All major modern browsers support HTTPS and display trust or invalid certificate warnings when trying to access traffic over HTTPS when an invalid or expired certificate is present. Expired or revoked certificates should not be taken lightly be webmasters and hosting companies alike!

Browser Support
You should be used to seeing a discrete lock in or near the address bar of browser, regardless of the device that you’re using to access the Internet. According to Google, in 2018 over 80% of the top 100 websites on the Internet serve traffic over HTTPS.  There are very few outlier cases today where HTTPS would be detrimental addition to a website. Historical concerns about HTTPS as it relates to both browser and server performance have largely shown that today these often negligible impacts are outweighed by the benefits of HTTPS.

HTTPS and Google Search Engine Ranking
This is why most of you are here! As the big elephant in the room, what Google says, goes. In August of 2014 Google launched an “HTTPS everywhere” initiative and followed that up by noting that HTTPS was being used as a ranking signal. While “a very lightweight” signal in Google’s very own words, even for the sake of squeezing out just a bit more Google juice in search results, that’s just another reason to adopt HTTPS across the Internet. In 2018 Google announced that an update to its marketing-leading browser, Chrome would start to mark sites not secured by HTTPS as insecure. Their Google Webmaster Central Blog post even goes on to allude to giving HTTPS even more importance so that as many websites as possible are “encouraged” to stop using plain HTTP.

Website Owners – What This Means!
Visitors look for it; search engines prefer it. That should tell you enough!  In conjunction with best practices today, our St. Louis web design team implements HTTPS on all new websites development and eventually we’ll strongly recommend each legacy website customer to make the switch. There are certainly quite a number of behind-the-scenes points to address but we take care of those for you:

  • Issuing the SSL (including domain aliases and www as well as non-www versions of your domain)
  • Keeping it renewed
  • Properly updating your database, including serialized values, and website paths to reflect the HTTPS URL of your website
  • Updating your Google Webmaster Tools and Google Analytics URLs to use the HTTPS protocol
  • Checking to ensure that bots can index HTTPS on y our website
  • Removing support for depreciated SSL and TLS versions

Regardless of how it comes across, Google has a point. Securing the web can reduce the chance that your data is intercepted en route.

Ready to get it done?  Ask us how we can do this for you!

IQComputing on