Google might be the catalyst to consider change. They announced that they would begin using HTTPS as a ranking signal. What’s HTTPS and why does it matter?
HTTPS (Hyper Text Transfer Protocol Secure) is the secure version of the protocol over which data is sent between your browser and any website that you’re visiting online. It’s also known as HTTP over TLS (Transport Layer Security). The ‘S’ at the end of HTTPS stands for ‘Secure’. It means all communications between your browser and the website are encrypted—and therefore secure.
Why HTTPS now?
Security is a top priority for Google. And it should be for you too. Because if Google gives secure sites a slight boost for page rank, who doesn’t need that?
For now, Google attributes a very lightweight signal to websites that have enabled HTTPS. This only affects less than 1% of global queries. While this SEO enhancement is attractive, it’s important to remember that it constitutes far less weight than other SEO signals such as high-quality content. Simply implementing security enhancements like HTTPS will never replace consistent publishing and distribution of great content for improving page rank. However, Google is still encouraging website managers to switch to HTTPS to keep website visitors—and their data—safe.
How to enable SSL on your site
To secure your website with HTTPS, you have to acquire and set up an SSL certificate.
SSL stands for Secure Socket Layer. As the protocol that encrypts website data, SSL ensures your customers that the website that they’re visiting is actually is the one that they want—not an imposter pretending to be your site. Data transmitted via SSL is encrypted to ensure that it can’t be intercepted by a third party. The result is that hackers or deadbeats can’t get their hands on your digital stuff—or your customer data.
Unfortunately, the process of integrating SSL can be confusing—especially if you’re technically challenged. That’s because most web hosting services require you to purchase, configure and integrate a 3rd party SSL certificate. It’s not that expensive, but it can be time consuming and requires some nerdy, back-end hosting knowledge.
The best web hosting professional services, like WPEngine, have a 3rd party SSL configuration tools available for site managers. These easy-to-use tools make purchasing a SSL certificate from qualified resources, like RapidSSL, easy and painless. There are plenty of other SSL certificate providers including VeriSign, GeoTrust, Digicert and more.
A tier-one, professional hosting service should also provide the ability to easily upload your SSL certificate/s files, and install them into your domains. You should also be able to track the process throughout the switch from HTTP to HTTPS with an on demand view of the progress.
Security success guidelines.
To help you get started on your path to a more secure site, there are few important guidelines to follow for SSL purchase and integration including:
- Decide which type of SSL certificate you need: single, multi-domain, or wildcard certificate
- Use 2048-bit key certificates
- Use relative URLs for resources that reside on the same secure domain
- Use protocol relative URLs for all other domains
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible
- Avoid the no index robots meta tag
Where to from here?
All of this might sound a bit nerdy but guess what? If you want a secure and credible domain that fosters confidence with your visitors and customers, it’s time to seriously consider HTTPS. More importantly, you want to ensure that your website doesn’t get left behind. Or worse, get hacked with compromised data because you were negligent in deploying a proven and robust security protocol.
As we all increase our dependence on our websites—especially for Content Marketing—it’s time to give your site visitors confidence in your domain by securing the data that your customers are sharing with you.
Have you secured your site with HTTPS? How did it go?
Looking forward to hearing from you!