So you want your website to be found in search. You’ve heard all the buzz around SEO and HTTPS. And now you’re wondering, “how do I make my website HTTPS?” – keep reading.
Let’s start by with the basics and get into the HTTPS migration checklist.
What is HTTPS?
Hypertext Transfer Protocol, or HTTP, is that string of letters at the beginning of a web address in your search bar. But more than that, HTTP is the application protocol that exists as the foundation for the World Wide Web.
HTTPS is the secure protocol channel for communication on the World Wide Web. It’s more than just S at the end of HTTP. A site with HTTPS provides security for users to give you information such as credit card numbers or personal information. HTTPS keeps data safe from point to point between a site and its users.
A site using HTTPS will feature a green lock icon in the browser; if you see a lock icon with a red X over it or a warning sign, it means that there are elements on that site that are not secure.
Why is HTTPS important?
Internet users expect a secure environment when they visit a website. Seeing HTTPS in the browser bar helps with visual confirmation of that expectation. And it’s important to Google, too. Google’s algorithm is composed of hundreds of signals, one of which is HTTPS. When Google first added HTTPS to its list of signals, it was of minor importance. But as security concerns have continued to grow, HTTPS has increased in importance for SEO. Now, nearly one-third of results returned on page one are HTTPS sites. Yes, according to Google, HTTPS is a pretty big deal.
On the security side, HTTPS verifies that your website is on the server it’s supposed to be connecting to. HTTPS tells your user that they have accessed a secure site, which is particularly valuable in certain industries. It also protects your login page for WordPress, though if you’re still sending your username and password in plain text, you’re asking for trouble. (You should be using a strong password, too, which we talk about here. If your password is weak, it’s easy to hack.)
Do I need HTTPS for my website?
In a word – yes. You want to provide your visitors with a site they can trust, particularly if you’ll be receiving personal data from them. And if you want to improve your site rank on Google, HTTPS is a strong signal that you take security seriously. And I think HTTPS will grow in value as a ranking signal as security becomes increasingly important to the online community.
When should I make my website HTTPS?
If you’re ready to get serious about your website and its power as a marketing tool, moving to HTTPS is a good start. It signals to your visitors (and to Google) that your site is secure. In fact, the rate of HTTPS adoption doubled in 2016, which reinforces just how important it has become.
Some good opportunities to move your website to HTTPS include:
- Launching a new website
- Redesigning an existing site
- Adding a content section (such as a blog or FAQs)
What’s the risk of migrating?
Moving to HTTPS is not as simple as flipping a switch, so you have to carefully weigh the amount of time, effort, and expense involved. Moving to HTTPS is a process and it will take all three of these things to do it properly. If you are concerned that moving to HTTPS will noticeably slow your website down, you are using the wrong web host provider. Good web hosts provide you with excellent performance in terms of uptime and site speed.
How do I make my website HTTPS?
Once you’ve made the move, there is more to do with regard to SEO before you can consider the HTTPS migration complete. To make this process easier, we’ve developed an HTTPS Migration Checklist to cover the basics:
HTTPS Migration Checklist
- Get and install your SSL certificate. This will likely require an IP address change, so make sure you update your DNS.
- Rewrite / Update internal links. If your site is on a CMS like WordPress, this is a relatively simple SQL script to update the URLs in the database. If you need help with this, contact me.
- Verify both HTTP and HTTPS websites in Google Search Console. Do this for Bing Webmaster Tools too! Set your preferred domain to the HTTPS version.
- Use 301 redirects to point all HTTP URLs to the new HTTPS URL structure. A few lines and a regular expression in your .htaccess file and this is ready to fly. This should be a 301 redirect to signify that this content has moved permanently. Do not use a 302 or 305 redirect in this scenario. Preserve your link equity for SEO.
- Update your analytics tracking code and property settings in Google Analytics.
- Make sure your XML sitemaps get updated with HTTPS links and resubmit those to Google and Bing. Also, update your robots.txt file with the HTTPS sitemap path. Here’s an example snippet for your robots.txt file:
- If you are using canonical tags, make sure they are pointing to the HTTPS version of your URLs.
- Monitor your site for 404 Errors (Page Not Found) after you make the switch, to quickly catch any straggling URLs that might have been outside of view.
- Update external URLs to point to your HTTPS site (i.e. Facebook Page, Google My Business, social profiles, etc.)
- Test your SSL with the free SSL Server Test. Here’s an example result from our website:
Need help moving your website to HTTPS?
Moving to HTTPS will help to improve your performance in search engines, and that’s a big win for your biggest marketing asset. But making the move can be more than you bargained for, which is where Lieberman Technologies can help. We have the tools and expertise to help your site become a more secure version of itself. Our secure hosting package includes an IP address, SSL, and SSL maintenance – all the elements to move your site to HTTPS – for one monthly fee. We can also help make your move to HTTPS relatively painless. Contact me to get help with your HTTPS migration.