In August 2014, Google confirmed that switching your site over to HTTPS will give you a subtle ranking boost – this makes perfect sense considering Google wants to ensure the best (and safest) possible experience for users.

We could just end this section here, because if Google says to do something (and confirms it helps increase your search presence), you should probably do it, right?

But let’s take a closer look at what HTTPS is, why Google prefers HTTPS, what SEO benefits does HTTPS present and importantly, how can you go about making the switch to HTTPS.

It’s also worth highlighting that there are some potential risks which come with shifting over to HTTPS too.

But let’s start with the basics.

What is HTTPS?

HTTP stands for Hypertext Transfer Protocol, a method for transferring and receiving information across the Internet.

HTTPS is the same, but the “S” stands for secure. In other words, everything is the same, except HTTPS offers an additional layer of security as it uses SSL to transfer the information.

SSL (or Secure Sockets Layer), is the key element in all of this. It’s what Google really cares about because this is how the information being sent and received is kept secure.

Why Google Prefers HTTPS

With the guaranteed security that HTTPS provides, it comes as no surprise that Google prefers HTTPS over HTTP, but what exactly does this entail for you and your website?

Essentially, when your browser sees a secure site, it uses the information from your SSL certificate to verify the site’s identity. This way, users can be confident that the website that they are viewing (and potentially even purchasing from), is safe.

What makes HTTPS Google’s preference is the fact that it uses this extra layer of security. It’s called the Transport Layer Security (TLS) Protocol which provides the following layers of protection:

Encryption: this is the process of converting the information or data that is being transmitted into a code, to prevent any unauthorised access.
Data Integrity: this prevents your data from being modified or corrupted during transmission without being detected.
Authentication: this ensures that users are transferring information to the right website.

We want to stress that this SEO increase is “very lightweight”, so don’t expect to see your rankings shoot up after switching to HTTPS!

That being said, let’s look at how HTTPS can help improve your SEO.

SEO Benefits of HTTPS

1. Increased Google Rankings – we’ll get this one out of the way as it’s pretty obvious and we’ve already mentioned this several times now. Shifting to HTTPS = a (subtle) increase in rankings.

2. Improved Security – this is another obvious reason why HTTPS is great for SEO, the improved security ensures all communication is encrypted, information cannot be corrupted by third parties etc.

3. Increased Conversions – an extension of point number two, if users feel safe on your website, they’re more likely to enter their sensitive information that is required to make a purchase or sign up to a newsletter.

Potential Risks of HTTPS

Below we’ve highlighted a few points to take a note of during and after the transition from HTTP to HTTPS.

1. Redirects – When shifting over to HTTPS, you need to make sure that all variants of your website redirect to the correct HTTPS version using a 301 redirect. This is something that we have already highlighted here.

2. Internal Linking – As with redirects, you may also need to go through the internal links on your website and ensure that they are pointing to the correct HTTPS version, this is especially important if your internal links are absolute.

3. Sitemaps – Ensure that you create a new (or update your existing sitemap) so that only the HTTPS pages are listed. Failing to do so will mean that Google may not crawl these versions of the web page.

4. Index Management – After you’ve made the switch, ensure that no HTTP pages are still indexed by Google. These will cause unnecessary duplication and waste your crawl budget too. A quick way to check this is to use the following site search: “site:yourdomain.com inurl:http://”. This is what you should see:

5. Don’t Let Your Certificate Expire – It’s all well and good that you’ve made your shift, but remember to renew your SSL certificate before it expires. Otherwise, when Google sends visitors to your site in the search results, they’ll get the following big full screen warning. Not the best look.

How to Switch From HTTP to HTTPS

It’s pretty clear that HTTPS is the way to go (despite the risks involved – which as you can see are pretty simple to solve), so let’s take a look at some of Google’s guidelines on switching over to HTTPS.

Here are some basic tips from Google:

Decide the kind of certificate you need: single (only covers one domain), multi-domain (covers multiple domains) , or wildcard certificate (covers one domain, and it’s sub-domains).
Use 2048-bit key certificates.
Use relative URLs for resources that reside on the same secure domain.
Use protocol relative URLs for all other domains.
Check out our Site move article for more guidelines on how to change your website’s address.
Don’t block your HTTPS site from crawling using robots.txt.
Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.

There are lots of great guides on how to buy/upload an SSL licence and switch to HTTPS, so we won’t add to the noise.

This is a great article from Smashing Magazine which details the entire process, but here’s a quick breakdown:

1. Provide your CSR (Certificate Signing Request) on your webserver.

2. Select the server software that was used to generate the CSR.

3. Select your preferred hash algorithm.

4. Select the period that you want your certificate to stay valid for.

Once you’ve made the switch, just remember to look out for the issues that we highlighted in the potential risks section.