Back in mid September 2016 via their security blog Google announced that they were going to start moving towards a more secure web. They laid out plans for the Google Chrome browser (which is the most popular browser in the UK) to start displaying warning messages for any pages which aren’t secured by an SSL certificate.
Phased In
These “non secure pages” weren’t flagged in the past however as of January 2017 messages started to appear on pages which collect passwords or credit card data which weren’t using an SSL. Google stated that their long term plan was to show these warning messages across the entire website, on any page which was “non-secure”.
From October 2017 this has now been implemented, any website which doesn’t implement an SSL certificate will now display an error message.
If you are unsure whether or not a site is secure, there is an icon at the top next to the web address itself (a circle with an exclamation mark in it), by clicking this icon Chrome will display a message similar to this:
“Your connection to this site is not secure. You should not enter any sensitive information on this site (for example, passwords or credit cards), because it could be stolen by attackers. Learn more”
How does an SSL help with SEO?
As with most things in SEO there is no solid confirmation from Google that having an SSL will help your site rank better. However, way back in 2014 they did announce that having a site on HTTPS was indeed a ranking signal that they use within their algorithms when determining where a page should rank for a given search query.
In 2015 Google also stated that in the event of two pages competing for ranking positions which are equal in every way other than one being http and the other https, the page with https will out rank the http page.
There are various prominent SEO’s talking about this too, check out Neil Patel’s blog and the article by Barry Schwartz on Search Engine Land from way back in 2014.
Backlinko ran a study into how an SSL can affect Google rankings and found that:
“HTTP had a reasonably strong correlation with first page Google rankings”
Read the full article here.
Finally, Gary Illyes from Google has a funny message for us SEO’s.
If you’re an SEO and you’re recommending against going HTTPS, you’re wrong and you should feel bad.
— Gary “鯨理” Illyes (@methode) August 18, 2015
Avoid the “not secure” message
Simply put, the best option to avoid the messaging is to implement an SSL… They are fairly easy although the technical description on how to do it from Google may be a little daunting for the uninitiated however I found that most of the SSL providers will have a support database to help you.
The company I use for SSL’s is Namecheap, they are the cheapest I’ve found and supply Comodo certificates. They also have a great resource to help you install them.
The 2 main barriers people face when considering switching to SSL are:
- Time – how long it can take to implement, not just installing the SSL but also working through your site making sure you aren’t serving any insecure items, a common problem with WordPress and how it attaches images and other media items.
- Rankings – A lot of clients I talk to about making the switch are worried that their rankings may drop once as Google physically replaced the http for https urls in the index. This isn’t usually the case, and URLs will tend to switch over fairly quickly.
Summary
Thank you for reading my blog post about SSL certificates and SEO, they are becoming more and more important for websites and are fairly easy to implement. There are some technical processes to go through so help from a web developer may be required.
