•  

Northwoods Blog

Securing Your Site with HTTPS: What You Need to Know

October 24, 2017

Securing Your Site With HTTPS

 

We all take security very seriously in our lives. We lock our doors. We buy alarm systems. We park under street lamps when we can.

We should secure our websites, too. Users who come to your website should feel they are visiting a secure space. Beyond that, Google considers website security in its ranking algorithm. So put moving to HTTPS at the top of your priority list.

 

What exactly is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) makes your website more secure for users. It ensures that no one else can see the data and information passing between your site and your users’ browsers and guards against a wide range of other threats. This is especially important for sites with sensitive information, such credit card numbers and account passwords.

 

How does HTTPS affect the way my website is displayed?

Browsers have recently raised the visibility of websites’ security status. Have you noticed that secure lock icon? It indicates HTTPS.

 

 

 

Beginning in October 2017, Chrome will kick it up a notch. “Not Secure” warnings will appear on the website URL when you enter data in http sites.

 

 

 

Users will quickly become wary of providing any contact information on websites labeled “not secure.” If you want to build trust with users and make them feel safe at your website, add HTTPS as a first step.

 

How does HTTPS affect my search rankings?

Security has become a top priority to Google. In 2014, Google first announced HTTPS as a ranking factor, but very few companies went to HTTPS at that time.

Google has continued to emphasize its importance. Google has admitted that, all other ranking factors being equal, HTTPS would tie in the search engine results rankings.

That being said, a 2015 MOZ analysis of 17,600 keyword search results from Google found just a slight positive correlation between HTTPS URLs and rankings. Read the full study.

 

How do I get started?

Switch carefully to HTTPS. Different content management systems require different ways to implement HTTPS, but all implementations take four basic steps:

  1. Acquire and install a certificate. For many sites, Let’s Encrypt can provide free certificates and automate much of the setup and maintenance for you. If you’re looking for other inexpensive options, check out Namecheap; ssls.com can help you comparison shop. Don’t let the large number of certs out there overwhelm you. If you have a single domain on your site, the simple, low-cost certs will usually work just fine.
  2. Set up domain-wide 301 redirects from the HTTP to the HTTPS version of your website. Missing this important step often causes sites to fall in search engine rank.
  3. Update references to page assets from HTTP to HTTPS. Links out to other sites (using an “a” tag) don’t need to change, but you must update images, videos, scripts, CSS, etc., that are embedded on your site (“img” tags, “script” tags, etc.). These review items include:
    1. Internal links between pages
    2. Custom scripts (e.g., javascript)
    3. Third party hosted scripts (e.g., YouTube imbedded videos)

This small list is not exhaustive. This type of content can appear in many places on your site. Scan your website for non-secure content with the Missing Padlock ssl checker, or you can learn more by reading our post about finding and fixing mixed-content issues.

  1. Update your robots.txt, Google Search Console and Google Analytics.
    1. If you have any references or blocking guidelines in your robots.txt file, you need to update them to their HTTPS versions.
    2. In Google Search Console, you need to create a new profile for your HTTPS version, submit your new sitemap and fetch the HTTPS version of your site. Learn more about Google Search Console.

As part of our commitment to security, Northwoods is providing certificates at no cost to all Titan CMS customers who use our shared hosting environment. Titan CMS will also automatically handle redirects for you. Learn more about switching to HTTPS on your Titan CMS website.

 

Conclusion

The time for ignoring HTTPS has passed. Show your users that their information is safe and secure with your company. Switch to HTTPS on your website and establish trust from the user’s first interaction with your company.

Amanda Koehler

Senior Digital Marketing Strategist

Amanda Koehler oversees the SEO and PPC department within the Digital Marketing Services team at Northwoods.  She focuses on developing SEO strategy for customers like Vollrath, Heartland Advisors, CelticMKE, and many others. Amanda helps clients meet their digital marketing goals through her research and analytics experience.

Connect with Amanda on Twitter
Connect with Amanda on LinkedIn

Read Amanda Koehler's Blogs

Chris Wilson

Senior Software Architect

Chris Wilson is a senior software architect and developer. He’s particularly interested in helping clients gain efficiency and improve security through cloud-based solutions. His client portfolio ranges from startups like Wallit.io to major enterprises like ManpowerGroup to non-profits and public agencies like Milwaukee Public Schools.

Connect with Chris on LinkedIn

Read Chris Wilson's Blogs

Ready to Learn More?

Contact us with any questions, comments, or suggestions.

Northwoods Web Solutions

1572 E Capitol Drive

Milwaukee WI 53211

414-914-9100

847-752-1095 (Chicago)

Microsoft Partner SIlver
© 2017 Northwoods - all rights reserved.
top