There’s been a lot of chat in the past few years about SSL (Secure Sockets Layers) certificates, HTTPS and what they mean. We won’t dive into the technical details during this blog, because all you really need to know is that simple a ‘s; at the end of http simply means that any data and information you enter on a website is secure and safely shared using SSL technology.
Security on the web is a major consideration for users when their credit card or personal information is involved. HTTPS has been the next logical step in securing the web for a while, but now the penalties for not being on HTTPS are becoming much clearer.
With studies suggesting that 85% of people will not continue browsing if a site is not secure, if your site with payment transactions or personal information, you could be missing out on revenue if you don’t sort your HTTPS migration.
Why should I move my site to HTTPS?
Regardless of whether your site is on WordPress, Magento or Shopify, security is a fundamental concern for any web user, particularly when it comes to putting your personal information or credit card details into a website. As we’ve mentioned, trust signals on a site can make or break a user’s confidence. By moving to HTTPS, you not only give your site the opportunity to rank better organically, you instil more trust in your users to interact and convert on your site.
Chrome users will make up a large majority of your site’s users, based on the 60% market share the browser currently holds. By not implementing HTTPS, you run the risk of alienating a large majority of users and affecting your bottom line.
HTTPS & Chrome: Stats and Facts
- Chrome holds 60% of the browser market (source)
- 70% of current Chrome traffic is now protected. Are you part of the remaining 30%? (source)
- 81 of the top 100 sites are now HTTPS by default, which is proof this is becoming the ‘new default’ (source)
From July 2018, Google Chrome will begin to show non-HTTPS warnings much more prominently, whether your website deals with sensitive data or not. This warning will be shown in the URL bar, as the example screenshot below shows:
What will happen if I delay the move or can’t do it now?
Migration may seem like a daunting process, but the potential losses from users not trusting your site (particularly when these new warnings come into place), will be far more detrimental to you.
Which site would you trust?
- User Confidence and Security: Security is a major consideration for users, particularly those who purchase online. Prominent warnings telling a user the website they are visiting is not secure due to a lack of HTTPS will affect user engagement and conversion levels, even if other security measures are in place.
- HTTPs is a growing ranking factor: Google confirmed that HTTPS is a “lightweight ranking signal”. However, with security a major online concern, they have also indicated that they may strengthen it as a signal in future to encourage safety on the web. Not making this change may be holding your site back.
However, just because it’s important and deadlines are looming, by no means should this process be rushed. Any kind of migration needs a well thought out and carefully crafted plan to make sure performance stays stable.
I’m ready, let’s do an HTTPS migration
Although not an exhaustive list, here are some of the areas you need to pay attention to when undertaking an HTTPS migration:
- Use a staging site or test environment: Make sure you thoroughly test and plan out changes on a test server rather than your live environment. Doing the migration via a test server can highlight issues before launch.
- Install your security certificate: An SSL certificate is what provides you with HTTPS status. Make sure you install the certificate on your server ready for launch.
- Crawl your site: Check the site for broken pages. Use Screaming Frog to look for references to HTTP that are still accessible. Using the Screaming Frog Extractor Tool can also help you find links still pointing to http:// within content.
- Update all references: Any link or path that still references http:// should be updated. This may include:
- Navigation URLs
- Links in content
- Canonical tags
- HREFLANG tags
- Clean up historic redirects: Prior to launch, make sure you refresh and update historic redirects. Make sure any redirect paths now reference HTTPs. This is also a good time to remove old redirects and make sure redirects do not exceed more than one jump.
- Update all sitemaps: Sitemaps help Google understand the importance of pages and the structure of your site. Make sure any sitemaps are updated to reference HTTPS URLs.
- Update any other marketing activity: Make sure your AdWords activity/email links etc point to HTTPS.
- Setup HTTPS accounts: Make sure you setup and verify your HTTPS Search Console property and update any analytics references to ensure tracking is moved over correctly.
- Launch: Once you’ve done all the major checks, you’re ready to launch the migration on your live site. Make sure you re-crawl the site post-launch to identify any potential problems and closely monitor for any fluctuations or problems.
Although the task may seem intimidating, now is the time to make the switch before ‘not secure’ warnings start to harm your bottom line.
Is your site still on HTTP? Does it seem daunting to make the move?
Are you worried about the impact of moving to HTTPs?
Get in touch with Return’s Organic Performance team today. We’re experts in site migration and can help make the transition seamless.