From enhanced security to a boost in search rankings, installing an SSL certificate certainly has its benefits, but I wouldn't say that it's a no-brainer just yet.
While we are already seeing the internet move to a more secure landscape, the number of HTTPS websites rising, and HubSpot has introduced a free standard SSL certificate with every site on their website platform, there are still very few websites using it compared to those that aren't.
Last year, Moz published an article about the SEO effects of installing an SSL certificate which included this screenshot from BuiltWith that showed the current trend of HTTPS websites.
In September of 2014, 4.2% of the top 10,000 websites and only 1.9% of the top 1 million websites used HTTPS by default.
Fast forward a year later to September of 2015 and you can see that those numbers have increased to 6% of the top 10,000 websites and 2.8% of the top 1 million websites.
That's not a shocking change, but it should be significant enough to catch your attention.
For those of you not familiar with it, HTTPS is an acronym for "hypertext transfer protocol secure" -- in other words, a secure version of HTTP.
Whenever you see a website's URL that starts with HTTPS, it means the website is secured by an SSL encryption and that it's a safe to transfer sensitive information (such as your credit card number, bank information, etc.) on the website.
SSL is an acronym for "secure sockets layer," the security technology that encrypts the link between servers and browsers.
By installing an SSL certificate on your website, you show visitors that your website is verified and that data sent across the site uses a secure connection that prevents hackers from intercepting it.
Note: This is why you should never enter your credit card information on a website that doesn't have HTTPS.
Up until this point, there has never been a need for websites that don't exchange sensitive information (such as blogs and business websites where there is no transaction on the website) to install an SSL certificate.
Typically, you would only see this with online stores, banks, and other websites where sensitive data is transferred, but now that Google has officially listed SSL as a ranking factor, more webmasters are interested in securing their websites.
Before you decide if this is the right move for you, let's take a look at the realistic SEO implications as well as the overall advantages and disadvantages.
The Advantages of Installing an SSL Certificate
1. HTTPS Boosts Search Rankings
Installing an SSL certificate does provide a boost in search rankings. Granted, there are over 200 ranking factors in Google's algorithms, but with the rise in eCommerce and the integration of many secure sites with social media, email, etc. we expect this to change in the near future.
Whenever traffic from a HTTPS site is directed or referred to a HTTP website, the referral data is lost and the traffic is classified as "direct traffic." This problem, however, is eliminated when your website is HTTPS. Having this issue resolved, helps give marketers a better grasp on the state of their referral traffic as well as their analytics overall.
3. Enhanced Security
SSL stops man-in-the-middle attacks, encrypts all communication on your website, verifies the server it's supposed to be talking to, and it makes your website more trustworthy to its visitors in general.
For both B2C and B2B organizations, offering this kind of enhanced security, helps give your target audience peace of mind and build trust. It helps makes them feel more comfortable making purchases and also sharing their contact information with you.
The Disadvantages of Installing an SSL Certificate
1. HTTPS Slows Your Site
Since HTTPS requires extra communication between your website and the server, it can actually slow your website down a bit.
This is only going to be a noticeable issue for websites that are already slower to begin with, but considering that site speed is a ranking factor as well, it is something to take into consideration.
In most cases you are looking at spending $100 to $200 to get an SSL certificate installed, but you will find one available for $9 per year from Namecheap. If you want your web host to install the certificate for you, they may charge you around $100, but as I mentioned earlier, HubSpot does this for free with websites hosted on their website platform. There is also one known way to do it for free, but this can be a tremendous hassle.
So, is it worth it?
If you're just managing a small blog and looking for a way to get more organic traffic, the monetary investment in SSL may not be worth it at this time.
However, if you are in eCommerce, are a major blog, or you regularly require the collection of contact information, I'd say it's worth the consideration. You'll notice that a lot of business encrypt a specifc page, such as the checkout page, but I think you might as well encrypt site-wide if you're going to do it at all. The boost in rankings is a bonus, but the added security is great for instilling trust in your website visitors.
What You Need To Do
The process will depend on the type of certificate you buy and how your website is hosted, but installing an SSL certificate isn't a one-click task.
First you need to select an SSL certificate. GeoTrust, Globalsign, DigiCert, and Namecheap, are all reputable companies with strong customer support to guide you through the process.
As far as the actual process goes, you will want to follow the specific instructions for the certificate you buy. Click the links below to get an idea of what you're in for: