With the recent news that Google will be sending out warning emails to those with forms on their HTTP sites, it seems that Google is very, very serious when it comes to securing your site for the safety of its users. If you have an HTTP site with forms, login fields etc, then Google and Chrome will flag them as ‘Not Secure’ – not great for a myriad of reasons. So, what can you do to ensure you don’t get hit with the ‘Not Secure’ message? Make your site secure of course! It’s honestly easier than it sounds… just follow our handy, stress-free guide! So first up…
While HTTP stands for Hypertext Transfer Protocol, HTTPS stands for Hypertext Transfer Protocol Secure. This simple ‘S’ provides your users with additional protection. These factors include;
So why should you migrate to HTTPS? Well, aside from the reasons above, having a HTTPS website will add another layer of privacy and security that users want and need these days and that is integral to your business. Google is also prioritising HTTPS sites in search engine results also, something else to keep in mind if you’re looking to boost those rankings.
Using a test server is possibly the best way to actually plan out your move as it’ll let you test everything without breaking anything on the live site in real time. It is another layer to add before you get going but it’s worth it just to plan and test everything first.
This will show you the current state of your website and visualise the structure.
Consider that everything could go wrong and make a list of all the things that could possibly break on your site when performing the migration. For example, pay particular attention to payment gateways, downloads, external scripts etc.
To enable HTTPS, you’ll need to get and configure the required SSL certificates on your server. Do your research on a trusted provider and choose the right level of security. Google recommends that you choose one with a 2048-bit key.
You’ll want to make sure you update the following to ensure everything runs smoothly. If you’re lucky, your CMS system will system will take care of some of these but it’s best to run your own quality checks and updates just for peace of mind.
This will be a check to make sure nothing has broken along the way or to check for any missing links.
This includes redirect chains. Ensure that your implement permanent 301 redirects on a page by page basis. Every HTTP page should be redirected to the HTTPS version. A reason that most people see their rankings fall when migrating to a HTTPS is that they’re not thorough enough with their redirects and redirect chains. Crawl your old URLs for any broken links, redirects or redirect chains.
The sitemaps will need to be updated to ensure it’s using the HTTPS versions of the URLs and the robots.txt follows to include your new sitemaps.
Set up the HTTPS site as a new property in your Webmaster Tools account and submit the new sitemaps accordingly. Once this has been set up, follow it closely to see if it flags up any issues such as sitemaps errors, crawl errors and security issues.
You’ll want to be thorough with this and find all your external links back to your site to ensure they are pointing to the correct HTTPS version of the site. This will include;
Trust us, you want to be super in-depth with testing and checking and rechecking to ensure the migration has run smoothly.
Be prepared… you may still suffer a short term drop in rankings as Google to catches up to all of your changes. Don’t panic, this can take up to a few weeks to totally balance out. If you’re still seeing ranking and indexing drops after a few weeks go back and through the above steps to ensure they were completed properly.
It’s clear that you need to be making the switch sooner rather than later. If you feel you need further help or assistance in rolling the process out, then please do get in touch with us. Similarly, do let us know how your own website migration experience was! What challenges did you face?
We’ll help you determine the most effective digital marketing plan for your business.