For over two years now (Aug 2014), Google has been saying that they would be including the use of a HTTPS connection (a secure website connection using SSL) in its ranking factors.
As of recently, Google has started rolling out a new version of Chrome which brands your website as “secure.” As time goes on, they have committed to pushing website owners toward being secure, much like they pushed toward being mobile responsive in years past. We can only imagine this will come though the management of ranking rewards and penalties.
There’s been a new change to the way secure sites appear in Google’s Chrome browser. Up until recently, your address bar used to look like this:
Source: http://www.ghacks.net/2012/09/09/google-chrome-control-website-permissions-from-the-address-bar/
Now, when browsing on a secure site, you’ll see a padlock and the word ‘Secure’ next to the URL:
Starting on January 31, 2017 non-HTTPS sites will be marked with a big red “Not Secure” in the address bar. So while the SSL certificate itself hasn’t changed, the presence of not having one will certainly be more apparent.
Also going into effect on January 31, any page without an SSL certificate that has a credit card field will also be blatantly called out in the Chrome browser.
Source: https://blog.trustedsite.com/2017/01/24/googles-new-ssl-changes-mean-website/
And soon (no word on a firm date yet), Google will take the HTTP security indicator even further:
Source: https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
Over 50% of desktop browsing is on Chrome, so these are important changes that marketers and eCommerce businesses need to be aware of.
Why is Google Making this Change?
Google is pushing hard on HTTPS everywhere to make the internet safer. Not only is it a ranking signal, having a secure site tells visitors their connection is safe. Now that Google is making SSL certification more transparent, even visitors who weren’t concerned with site security now have the visual reminder when they’re browsing or purchasing on HTTP sites. If you don’t have a secure site, your online conversion rates could suffer.
Wait! Before You Obtain an SSL Certificate…YOU MUST READ THIS!
Many marketers who utilize an eCommerce platform think they don’t need an SSL certificate because the platform’s domain is secure. With the new changes coming to Chrome, users will still see the “Not Secure” field if you don’t have an SSL certificate on all your pages.
There are many resources out there that offer one-step methods to obtain an SSL certificate but before you make the change, there are a number of factors to consider in order to ensure it’s done right. Moving your website from HTTP to HTTPS is a lot like migrating to a new domain or URL structure. There are SEO aspects that need to be executed properly:
- Purchase the right certificate. There are different variations for single and multi-domain. Ensure the one you purchase is the most suitable for your website(s).
- Update links. This includes:
- Navigation
- Internal links
- External links
- Image URLs
- Google Analytics profile
- Ad links
- Social media posts
- Optimize server. The server .htaccess file should force https, but you’ll also need to configure the server in order to avoid increasing your page speed. This often happens when upgrading to a secure site.
- Timing. Your SEO and web development companies need to be available to update any links when you switch.
Your Rankings Could Be at Risk
While these changes to Chrome are just around the corner, migrating your site to HTTPS should not be a spontaneous effort. If you don’t factor in these considerations and make the necessary adjustments, your rank could suffer if broken links are crawled. The best way to ensure you’re installing an SSL certificate properly throughout your site and maintaining your rank is to consult with an SEO expert.
