Google’s next update about HTTPS is right around the corner. We take a look at it in detail and examine the changes that will come with it.
What exactly is HTTPS?
The HTTPS system (short for HyperText Transfer Protocol Secure) is used to transfer data on the internet, by using an encrypted system based on SSL/TSL. In other words, it uses encrypted protocols that ensure secure communications on the internet. The HTTPS protocol allows the delivery of data through a secure connection, granted by the SSL system. This way, personal information is protected and hidden away from other users on the internet.
This system warrants that all the communications made on the web are encrypted, so that if someone is able to enter that connection from a determined browser or website, they won’t be able to decode any of the user’s data.
HTTPS and SEO: Google’s first warning back in 2004
In 2014, Google announced that HTTPS encrypted system would be a new factor to include in our search engine optimization efforts. Besides their bragging about the fact that both Gmail and Drive already had this security protocol, Google decided that HTTPS would be positively recognized by their algorithms.
At first, security wasn’t considered as important as providing the web with great quality content, but it sure was a first warning for webmasters to start being aware and migrating their sites to Transport Layer Security (TLS). In fact, in Google’s blog about security and protection in the internet, a series of basic tips and best practices were provided, so people could start transitioning to HTTPS. Here we have selected some of the most important tips:
• Choose the type of certificate: single or multi domain.
• Use certificates with 2048-bit key length.
• Disallow robots.txt to avoid blocking the tracking of the HTTPS site.
• Use relative URLs for content on the same domain.
• Allow indexation of all the pages without using the meta tag “noindex”.
To demonstrate the importance of the HTTPS protocol on internet security, Google itself started using it in its own browser: Google Chrome. Three symbols were included in the address bar, depending on the degree of security of the website:
The impact of HTTPS on your website’s SEO
Google’s first warning was taken by the SEO community as evidence that future websites would have to adapt to security protocols. Although at first it wasn’t taken as a factor for a good positioning, transition to HTTPS was considered a to-do task in websites that didn’t have it yet.
Numbers provided by Google suggested that it wasn’t such a crucial factor for SEO (only around 0.5% of the total algorithm). Nevertheless, security has become more and more important over the years – not only concerning delicate information, such as bank data, but also any kind of private communication provided by the user.
At present, more than 50% of the results positioned in Google’s first page do have an HTTPS protocol. Besides, users appreciate that a website has a digital SSL certificate. It’s more than just a matter of prestige or protection against phishing – it’s already considered a must have for any site that aims to be shown in Google’s SERPs.
July 2018, deadline for all the websites without HTTPS in Chrome
From 2018 on, Google decided to go one step further in its own crusade for private data on the internet, and Chrome was the main battle field. It’s noticeable that websites with HTTPS have a privileged positioning in Google’s SERPs, but security is also present in Google’s browser.
It’s been a while since Google Chrome has included a warning sing in the address bar when visiting a site with a SSLE certificate. Right now, Chrome marks websites with HTTPS with green color, the message “Secure”, and a locker.
From July 2018, with Google’s next update (version 68), Chrome will start marking sites as “Not secure” in the address bar in case the website doesn’t have a HTTPS protocol:
Will this update have a negative impact on your SEO efforts? Not necessarily. But this change could affect the user’s behavior when browsing the internet. Besides the risk of increasing bound rates, the average time of a session could decrease if the site doesn’t have a security protocol.
The SEO impact of migrating to HTTPS
The decision of migrating a website to an HTTPs protocol could be considered as a simple technical process, but there are some aspects that should be arranged by a professional. If an HTTPS migration is not executed correctly, we risk developing errors that could lead to serious SEO penalties, and therefore losing several rankings in the SERPs.
Some of the actions to be done when migrating to HTTPS:
• Updating the sitemap and registering the new domain on Search Console.
• Adapting all the rel canonical tags.
• Ensure that every URL is responding with code 200 (correct and positive response), as opposed to codes 403 or 404.
• Analise and check every URL to ensure that there isn’t any duplicate content between pages with HTTP with encrypted HTTPS system
According to Google’s statements, migrations to HTTPS protocols will imply a better positioning in their search engine. But on the other hand, if the migration is not done correctly, it may lead to a lower ranking, for instance if there is duplicate content or if there are errors with the internal linking.
Therefore, a successful migration to HTTPS will mark the difference between a negative or a positive impact on your site’s SEO.
