What you need to know about SSL, site security, and SEO

From enhanced security to a boost in search rankings, installing an SSL certificate certainly has its benefits and it's considered one of the most important SEO basics, but I wouldn't say that it's a no-brainer just yet.

While we are already seeing the internet move to a more secure landscape, the number of HTTPS websites rising, and HubSpot has introduced a free standard SSL certificate with every site on their website platform, there are still very few websites using it compared to those that aren't. 

Moz published an article about the SEO effects of installing an SSL certificate which included this screenshot from BuiltWith that showed the current trend of HTTPS websites. 

In September of 2014, 4.2% of the top 10,000 websites and only 1.9% of the top 1 million websites used HTTPS by default.

Fast forward a year later to September of 2015 and you can see that those numbers have increased to 6% of the top 10,000 websites and 2.8% of the top 1 million websites.

That's not a shocking change, but it should be significant enough to catch your attention.

The SEO Implications of SSL

Last year Google announced some new changes in their algorithm and one of those changes that stood out was the addition of HTTPS as a ranking factor.

For those of you not familiar with it, HTTPS is an acronym for "hypertext transfer protocol secure" -- in other words, a secure version of HTTP.

Whenever you see a website's URL that starts with HTTPS, it means the website is secured by an SSL encryption and that it's a safe to transfer sensitive information (such as your credit card number, bank information, etc.) on the website. 

SSL is an acronym for "secure sockets layer," the security technology that encrypts the link between servers and browsers.

By installing an SSL certificate on your website, you show visitors that your website is verified and that data sent across the site uses a secure connection that prevents hackers from intercepting it.

Note: This is why you should never enter your credit card information on a website that doesn't have HTTPS.

Up until this point, there has never been a need for websites that don't exchange sensitive information (such as blogs and business websites where there is no transaction on the website) to install an SSL certificate.

Typically, you would only see this with online stores, banks, and other websites where sensitive data is transferred, but now that Google has officially listed SSL as a ranking factor, more webmasters are interested in securing their websites.

Before you decide if this is the right move for you, let's take a look at the realistic SEO implications as well as the overall advantages and disadvantages.

The Advantages of Installing an SSL Certificate

1. HTTPS Boosts Search Rankings 

Installing an SSL certificate does provide a boost in search rankings. Granted, there are over 200 ranking factors in Google's algorithms, but with the rise in eCommerce and the integration of many secure sites with social media, email, etc. we expect this to change in the near future. 

2. Improved Referrer Data

Whenever traffic from a HTTPS site is directed or referred to a HTTP website, the referral data is lost and the traffic is classified as "direct traffic." This problem, however, is eliminated when your website is HTTPS. Having this issue resolved, helps give marketers a better grasp on the state of their referral traffic as well as their analytics overall. 

3. Enhanced Security

SSL stops man-in-the-middle attacks, encrypts all communication on your website, verifies the server it's supposed to be talking to, and it makes your website more trustworthy to its visitors in general.

For both B2C and B2B organizations, offering this kind of enhanced security, helps give your target audience peace of mind and build trust. It helps makes them feel more comfortable making purchases and also sharing their contact information with you.  

The Disadvantages of Installing an SSL Certificate

1. HTTPS Slows Your Site

Since HTTPS requires extra communication between your website and the server, it can actually slow your website down a bit.

This is only going to be a noticeable issue for websites that are already slower to begin with, but considering that site speed is a ranking factor as well, it is something to take into consideration. 

2. Integration Issues

Not everything is compatible with HTTPS websites, in fact, Google's Change of Address Tool doesn't support HTTPS migration yet.

3. Cost

In most cases you are looking at spending $100 to $200 to get an SSL certificate installed, but you will find one available for $9 per year from Namecheap. If you want your web host to install the certificate for you, they may charge you around $100, but as I mentioned earlier, HubSpot does this for free with websites hosted on their website platform.  There is also one known way to do it for free, but this can be a tremendous hassle. 

So, is it worth it?

If you're just managing a small blog and looking for a way to get more organic traffic, the monetary investment in SSL may not be worth it at this time. 

However, if you are in eCommerce, are a major blog, or you regularly require the collection of contact information, I'd say it's worth the consideration. You'll notice that a lot of business encrypt a specifc page, such as the checkout page, but I think you might as well encrypt site-wide if you're going to do it at all. The boost in rankings is a bonus, but the added security is great for instilling trust in your website visitors.

What You Need To Do

The process will depend on the type of certificate you buy and how your website is hosted, but installing an SSL certificate isn't a one-click task.

First you need to select an SSL certificate. GeoTrust,  Globalsign, DigiCert, and Namecheap, are all reputable companies with strong customer support to guide you through the process.

As far as the actual process goes, you will want to follow the specific instructions for the certificate you buy. Click the links below to get an idea of what you're in for:

• DigiCert SSL certificate installation and tutorials
• Namecheap SSL certificate installation instructions

When you' see the green padlock by your URL in your web browser, you'll know everything was correctly. If you don't see the green padlock or it has an error, you should checkout this resource.

Why No Padlock? Just paste your URL into the box on that page and it will generate a free report that shows you the exact errors that need to be fixed.

Tips to Prevent Issues When Switching to HTTPS

As essential as it is, there are a few things that can wrong when installing an SSL certificate. Here is a checklist to ensure they don't happen:

• Make sure that all elements of your website use HTTPS (including images, widgets, and your CDN)
• Use 301 redirects to point every HTTP URL to HTTPS
• Make sure all of your canonical tags point to the HTTPS version of your URL
• Register the HTTPS version of your URL in both Google and Bing Webmaster Tools
• Use the Fetch and Render function in Webmaster Tools to make sure Google can crawl and render your site properly
• Update your sitemaps to reflect the new HTTPS URLs
• Update your robots.txt file

Google also has a great article explaining best practices for HTTPS and common pitfalls that occur when installing an SSL certificate.

Want to learn more about SEO and improving your search ranks?

Click the button below to get your free company of our guide, "How Do I Rank Higher in Search Engines."