This summer, Google will start penalising all websites without an SSL security certificate in the following ways:
- These websites will lose their rankings in Google’s search results – undermining any SEO efforts
- Google Chrome will display a warning to website visitors that the site they’re on isn’t secure.
Google rarely makes changes of this scale, and this update will undoubtedly have a big impact on user behaviour and on the SEO rankings of websites who do not upgrade their security before the deadline. Remember, Google has around 85% of the UK market!
Google has confirmed a date of “early July 2018” as when they’ll start punishing unsecure websites in this way. So, what can you do to ensure you don’t suffer the consequences of not having a secure website? Make your site secure of course! If SEO or PPC forms a chunk of your marketing strategy, or if you have an ecommerce site, then it’s important to act now.
Jargon Buster – What Is HTTPS?
While HTTP stands for Hypertext Transfer Protocol, HTTPS stands for Hypertext Transfer Protocol Secure. This simple ‘S’ provides your users with additional protection. These factors include;
- Encryption – this gives the user privacy through encrypting any data that is collected on your site, ensuring information won’t be stolen.
- Authentication – this will help prevent attacks and ensure that someone is using the correct website that they intended to use.
- Data Integrity – this will help prevent your data and your user’s data from being modified or corrupted during a transfer.
So why should you migrate to HTTPS? Well, aside from the reasons above, having a HTTPS website will add another layer of privacy and security that users want and need these days and that is integral to your business. Google is also prioritising HTTPS sites in search engine results also, something else to keep in mind if you’re looking to boost those rankings.
To enable HTTPS, you’ll need an SSL Certificate. SSL stands for “Secure Socket Layer”, which is used to encrypt data between the web browser and the server and provides an extra layer of protection between your customers and your website.
Migrating Your Website To HTTPS – Where To Start?
Use A Test Server To Begin
Using a test server is possibly the best way to actually plan out your move as it’ll let you test everything without breaking anything on the live site in real time. It is another layer to add before you get going but it’s worth it just to plan and test everything first.
Perform A Full Website Crawl Your Current Site and Make A List
This will show you the current state of your website and visualise the structure.
Make A List Of Potential Hazards
Consider that everything could go wrong and make a list of all the things that could possibly break on your site when performing the migration. For example, pay particular attention to payment gateways, downloads, external scripts etc.
Get Your Security Certificate
To enable HTTPS, you’ll need to get and configure the required SSL certificates on your server. Do your research on a trusted provider and choose the right level of security. Google recommends that you choose one with a 2048-bit key.
Perform The Necessary Updates
You’ll want to make sure you update the following to ensure everything runs smoothly. If you’re lucky, your CMS system will system will take care of some of these but it’s best to run your own quality checks and updates just for peace of mind.
- References In Templates
- Canonical Tags
- Hreflang Tags
Recrawl And Perform A Manual Spot Check Of The HTTPS Site
This will be a check to make sure nothing has broken along the way or to check for any missing links.
Update ALL Redirects, New And Old
This includes redirect chains. Ensure that your implement permanent 301 redirects on a page by page basis. Every HTTP page should be redirected to the HTTPS version. A reason that most people see their rankings fall when migrating to a HTTPS is that they’re not thorough enough with their redirects and redirect chains. Crawl your old URLs for any broken links, redirects or redirect chains.
Update Sitemaps And Robots.txt File
The sitemaps will need to be updated to ensure it’s using the HTTPS versions of the URLs and the robots.txt follows to include your new sitemaps.
Add The HTTPS Version Of Your Site To Search Console
Set up the HTTPS site as a new property in your Webmaster Tools account and submit the new sitemaps accordingly. Once this has been set up, follow it closely to see if it flags up any issues such as sitemaps errors, crawl errors and security issues.
Update Everything Else With The New HTTPS URLs
You’ll want to be thorough with this and find all your external links back to your site to ensure they are pointing to the correct HTTPS version of the site. This will include;
- Google Analytics
- PPC Campaigns
- Email Marketing Campaigns
- Keyword Tracking Tools (e.g. Moz)
- Heatmaps Tracking Tools (e.g. HotJar)
Trust us, you want to be super in-depth with testing and checking and rechecking to ensure the migration has run smoothly.
The After Effects
Be prepared… you may still suffer a short term drop in rankings as Google to catches up to all of your changes. Don’t panic, this can take up to a few weeks to totally balance out. If you’re still seeing ranking and indexing drops after a few weeks go back and through the above steps to ensure they were completed properly.
It’s clear that you need to be making the switch sooner rather than later. If you feel you need further help or assistance in rolling the process out, then please do get in touch with us. Similarly, do let us know how your own website migration experience was! What challenges did you face?