Google is cracking down on unsecure websites, promising that a secure web is here to stay. Starting in July of 2018, Google Chrome began alerting users when a website does not have a secure connection — more specifically an HTTPS encryption through a SSL certificate (don’t worry, we will explain this soon).
For reference, Google Chrome is the most widely used browser according to StatCounter in June of 2018, accounting for 58.94% of market share across all browsers. The next closest browser was Safari at a whopping 13.74%, and that’s the default browser on the most popular smartphone brand in the world (hint: it rhymes with "Snapple").
You may ask, is this a big deal? Short answer — yes. Long answer — Google has identified two key reasons why having a secure website will be critical moving forward:
- Google will give your website a stamp of approval when it comes to trusting websites online.
- Your search rankings could suffer if you choose to ignore this warning.
What the heck is an SSL certificate?
An SSL or Secure Sockets Layer is a digital authentication for your website that has the ability to encrypt sensitive information that is sent to your server. Essentially, this certificate is a way to keep your visitors’ data private and secure when they are on your website.
When successfully purchased and installed on your server, your transfer protocol (the set of rules for transferring files online) will change from HTTP to HTTPs. This change is what Google is now looking for and what they will be alerting their users to when browsing the web.
Note to Reader: In order to tell if your website is secure, open it up in Chrome and look a the far left side of your domain name. It will either have a green lock icon with the word secure or it will have a small “i” and the phrase “not secure” before your domain name. The image below shows both examples.
In the past, SSL certificates were most commonly used for websites where users would store personal information like in a login portal or enter credit card information for ecommerce transactions. Google has made it clear that security is a priority, and sites across the web have to follow suit.
How is this affecting my organic search rankings?
While Google may never reveal what goes into their mythic search algorithm, there are specific characteristics and tactics that marketers have identified that can help improve search rankings. So, how does the SSL certificate update affect organic search rankings?
- SSL Certificates are a Google Ranking Signal
Website security is not a new priority for Google. Back in 2014, they announced that having HTTPS in front of your domain will be a ranking signal in organic search. While they recognize that this is a less important signal than high-quality content or website engagement, it will still factor into search ranking.
- Security Improves Website Engagement
Google has made it clear that website performance is another important ranking signal. Having a secure website will improve domain trust, which in turn can increase on-page engagements and even conversions. And on the other hand, an unsecure site could lead to less conversions. According to a GlobalSign study, up to 84% of users would abandon a purchase on an unsecure connection.
Here's what you can do.
Even though Google does not sell these certificates themselves, there are plenty of viable options for obtaining one. Generally, the first place you should look is with your current domain hosting company. They can cost anywhere from $50–$70 annually, but many hosting companies have free SSL certificates based on the type of monthly hosting plan for your website.
Once you have purchased an SSL certificate and you have a secure, HTTPS version of your website, be sure to “force HTTPS”, so users visiting your site will always load the pages over HTTPs, and update both Google Analytics and Webmaster Tools. In Google Analytics, be sure to change your domain in the property / view settings in the Admin Tab to HTTPS — this ensures you’re receiving the correct traffic to your newly secured website.
In Webmaster Tools, be sure to verify all four variants of your website (HTTP and HTTPS versions, along with www and non-www), to cover all your bases moving forward. Learn more about verifying your website from Google. Those domain variants include the following:
- https://yourdomain. com
- https://www.yourdomain. com
- http://yourdomain. com
- http://www.yourdomain. com
Google has drawn a line in the sand, and it’s our job to stay in step with them as we work together to build a safer online experience for all of our customers and visitors. Ultimately they want to provide searchers the safest possible experience, and a secure website is an essential first step.
Is it time to talk about your website security? We're happy to help. Contact us today.