On August, 17th 2017 webmasters and website owners around the world received an email from Google Search Console explaining that a “NOT SECURE” message will appear in Chrome v.62 when viewing pages that contain a form on websites that do not use HTTPS. This is a strategic move from Google in order to make a safer web.
What is HTTPS?
HTTPS, or “secure HTTP”, was developed to allow authorization and secured transactions. Exchanging confidential information needs to be secured in order to prevent unauthorized access, and https makes this happen. In many ways, https is identical to HTTP because it follows the same basic protocols. However, https offers an extra layer of security because it uses SSL to move data.
Does the NOT SECURE Alert Hurt My Organic Rankings?
With the new Chrome update releasing next month, many users who see this message may leave your site because they feel that it is not safe. This could hurt your traffic, indirectly hurting your search engine organic rankings as well as your bottom line.
Recently it was proven that Google is now using HTTPS as a ranking signal. It is pretty clear from data analysis that HTTPS sites have a ranking advantage over HTTP-URLs so this switch will now benefit all companies, confidential information or not. Additionally, Google does claim that websites which use HTTPS will have a small ranking benefit because of these security aspects.
According to Search Engine Land, Google said that based on their initial tests the HTTPS signal showed “positive results” in terms of relevancy and ranking in Google’s search results. That same article predicted that this may change eventually, and Google may decide to strengthen the signal or give more ranking benefit to HTTPS sites because they want to keep online users secure.
How do I Make My Site Secure with HTTPS?
The process to integrate HTTPS to your website:
- Update site content to request https resources
- Update internal links
- Make sure canonicals are HTTPS
- Update Advertising URLs
- Change all Ad calls to HTTPS
- Update any internal tools, such as Optimizely or CrazyEgg, to work with HTTPS
- Update legacy redirects to eliminate chained redirects
- Update OpenGraph, Schema, Semantic markup etc. to point to HTTPS
- Update social sharing buttons to preserve share counts
- If CDN is used, verify that they will be able to properly serve the https domain version of the site and handle the SSL
- Update Robots.txt, XML Sitemaps, Search Console and Analytics
- Redirect HTTP to HTTPS (Remove existing redirect from HTTPS to HTTP)
- Make sure all www and non www are redirected correctly
- Upload new robots.txt, sitemap, and disavow to new Google Search Console
- Copy any existing disavow file and upload it to the new HTTPS property in Search Console
- an your site for non-secure content
As you can see the process for switching a site to HTTPS is very technical, time-consuming, and if not executed perfectly, can hurt your existing search engine rankings. If you are interested in Search Engine Optimization / SEO consulting or migrating your website to HTTPS please give us a call at 401-828-6611 or visit our site https://www.braveriver.com/contact-us/
My Website is HTTPS but it still says Not Secure!
Here is a great website to see why your secured HTTPS website may not be so secure: https://www.whynopadlock.com/