Have you heard the news?
Google is now favoring HTTPS over HTTP.
In this post, I’ll be going over why that’s important for your blog and Google ranking, as well as covering how to make the switch. I’ve included some really useful links to help you on your way (whether you plan to do the change over on your own or hire a professional!), and some personal screenshots for you.
HTTP VS. HTTPS
So, what’s the difference between HTTP and HTTPS?!
HTTP = HyperText Transfer Protocol
HTTPS = HyperText Transfer Protocol Secure
To put it simply, HTTPS has an SSL (Secure Sockets Layer) certificate, whereas HTTP does not.
SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser.
With an SSL certificate, information passed through a user’s browser and a site’s server is fully encrypted, and even if someone were to intercept the information being passed between them, they would not be able to read any of it.
This doesn’t necessarily mean that all HTTP sites are actually insecure, or even remotely a potential for risk to your readers and yourself – but Google can’t guarantee that and neither can you without a proper SSL certificate. Think of it as an airport scanner – without an SSL, your site is going to sound off the alarm with a big red triangle warning sign.
But your readers aren’t going to investigate what’s going on – they are going to click the ‘X’ on your window and not return.
Why Is Google Doing This?
Google has actually been doing this for a few years now, in attempts to prevent its users from any further cyber attacks. They started favoring HTTPS sites in 2014 in their search engine results, giving them a slight boost over their HTTP counterparts. Starting in October 2017 (that’s only a few days away, guys!) Google will start displaying a notice on HTTP sites much like this one here:
If I saw that (and I have before), I would instantly close out of the window I had open. And probably all the other windows that were opened as well. AND RESTART MY COMPUTER. JUST IN CASE. 😉
What This Means For Bloggers
Alright, so what does this mean for you as a blogger? Is it really necessary to purchase an SSL certificate?
- Your site will not be as ‘relevant’ in search engine results because it will be deemed ‘Not secure’.
- Users will not feel safe visiting or entering information (say bye-bye to new subscribers…)
- Traffic will decrease
- Bounce rate will increase
No one wants to stay on a site that isn’t secure. And they surely won’t want to input any information that might be abused or shared with a third party. While that most likely wouldn’t be the case with your blog, your readers and would-be-new-subscribers don’t know that!
So, you are going to need to take your blog to the next level….
How To Go To HTTPS
Personally, I have a self-hosted WordPress site. The company you use to host your site (where it “lives” – mine is with GoDaddy for now – yours might be with Bluehost, Wix, etc.) should have the option for you to add on an SSL certificate. With this addition, your host should be able to install the certificate for you within a matter of a few hours. This installation will also redirect your readers from your HTTP site to your new HTTPS site.
So, if you are reliant on traffic from say, Pinterest, all of your Pins containing the URL to your HTTP blog posts will now be conveniently directed straight to your new (and secure) HTTPS URL for that same blog post. Neat, right? There are some individual technicians that can do this process over the web, but I felt safer with my hosting company than someone over the internet whom I didn’t fully know and trust with my baby (blog-baby, that is).
I completed the entire process over chat (GoDaddy has really awesome customer service), which was fantastic while I had a few little ones running around during general business hours. I’m totally not joking either, their newest thing is running back and forth across the house just yelling for no reason. And then stopping to giggle. And then more yelling. It’s a happy yell, though. 🙂
The process for me took a few hours, but I noticed that even my permalink in my new draft was updated:
^See that newly added ‘s‘ to the ‘http’ portion? Everything has been done for me.
*If you do not pay for an SSL certificate with installation, you will need to pay for the SSL certificate and then manually change all of your links from HTTP to HTTPS yourself to ensure no links are broken. This will include setting up 301 redirect pages to inform Google and other search engines (or anyone that has bookmarked your page/post) that the address has changed, and they are then redirected. Here is a great resource for setting up 301 redirect pages if you’re up for the challenge! I wouldn’t recommend it for any beginner and personally left my blog to the professionals.
I applaud Google for taking Internet security seriously – especially with the role technology serves in our lives and the misuse of so many people’s personal and financial information in cyberspace. I am also grumbling a little because it is something extra that I have to pay for as a blogger! Just a little grumbling, though. With GoDaddy, I was able to select the security for my website (I chose McAfee Secure), and their badge is displayed on my site to assure my readers and viewers that this is a safe space.
See the red badge with the letter ‘M’ in the screenshot below at bottom right corner (or the bottom right corner of your screen!)
So, have you gone over to HTTPS yet? Did you hire a professional, go through your hosting, or do it yourself? Share your thoughts in the comments below!