HTTPS and SEO: How Website Security Impacts Your Rankings

Wondering how HTTPS and SEO are connected?

HTTPS is a ranking factor the absence of which can harm your SEO.

In this article, you’ll learn how HTTPS and SEO are related and how you can update your site from HTTP to HTTPS.

What is HTTP?

HTTP (Hypertext Transfer Protocol) is a technology process that enables web browsing. It provides a standardized way for devices, web browsers, and websites to communicate.

HTTP vs HTTPS

HTTPS is the modern, secure version of HTTP. In fact, the “S” in HTTPS stands for “Secure.”

This improvement on HTTP enables browsing to be private and safe from hacking.

You’ve probably already seen HTTPS in action. When you visit sites that use it, you’ll see a lock icon displayed in the browser’s address bar.

Thanks to HTTPs, people can log into websites and shop online without their data being intercepted or altered.

Internet browsers, web servers, and websites all play a role in HTTPS.

HTTPS and SEO

Interestingly, there are several ways that HTTPS (or lack of it) can impact SEO. Here are the key SEO benefits.

HTTPS as a Ranking Factor

In 2014, Google’s algorithms began using HTTPS as a minor ranking signal.

That’s not surprising since secure sites provide a better experience and Google’s success is tied to satisfying searchers.

Sites that switched from HTTP to HTTPS often enjoyed a small ranking boost.

Fast-forward to today and HTTPS is still a ranking factor, but hasn’t been given additional weight since 2014. Along with a handful of user experience (UX) signals, HTTPS is part of Google’s Page Experience metrics.

Like page speed, HTTPS may impact ranking but quality of content is more important.

Avoid “Not Secure” Messages

In 2018 Google’s Chrome browser began flagging HTTP sites as “not secure.” Other browsers followed suit, developing their own visual warnings.

These prominent warnings, in red, are enough to scare anyone away from a website.

It’s easy to see how a warning like this can crater your traffic, sales, and search engine rankings.

Improve Speed

Sites using HTTPS enjoy faster loading times, too. This is because HTTPS runs its security checks much faster than HTTP does.

You can get an idea of the speed difference by using this test website and clicking HTTP or HTTPS at upper right.

Keep in mind that page speed can impact your ranking and every second counts. And your site speed impacts conversions.

According to Google/Soasta research, for every 1-second delay in loading, conversions can decrease by as much as 20%.

Expanded Performance

HTTPS websites also get access to technologies that can boost conversions and sales.

These technologies include:

• Credit card autofill
• The HTML 5 geolocation API
• Push notifications

Trust: Generating Click-throughs and Purchases

Website security is critical for making sales. Buyers are understandably picky about online transactions. And no e-commerce site wants a hacker accessing their customers’ credit card numbers.

Realize too, that most searchers expect all sites they access to be secure, including forums, membership or subscriber sites, and blogs.

Using HTTPS costs nothing and it’s well worth the security it provides and the trust it fosters.

Switching to HTTPS

Is your site still using HTTP? If so, you may be wondering how to switch to HTTPS.

You’ll need to get an SSL certificate. The good news is: you can get one for free, and it’s never been easier to do.

Role of SSL Certificates

When a searcher clicks on a secure website, HTTPS authenticates that site, ensuring that the connection is safe.

This authentication process involves a trusted 3rd party that creates and signs digital certificates.

These 3rd parties, like Let’s Encrypt, are called global Certificate Authorities. They exist to help people get and manage SSL certificates, which are used by web servers and websites to enable these secure connections.

Do note: SSL (Secure Socket Layer) certificates are also called TLS (Transport Layer Security) certificates. TLS is simply an updated version of SSL, but the term SSL certificate is still commonly used.

How to Get an SSL Certificate

Getting an SSL certificate used to be a headache. Dozens of types were advertised, and it was hard to figure out what kind you needed.

Plus, installing it required a webmaster’s help.

That’s all changed with the non-profit foundation Let’s Encrypt. This organization, backed by industry leaders like Google and Cisco, provides free SSL certificates.

These are typically obtained from your web hosting provider. Often the host will handle this process automatically. At the most, you may need to click a button or two.

Regardless, it’s an easy process, and it varies slightly from host to host.

• For security reasons, every 90 days Let’s Encrypt automatically issues a new certificate for your site.
• You can opt to renew your certificate every 60 days if you prefer.

Hosting Providers

WordPress hosts that offer Let’s Encrypt certificates include SiteGround and WP Engine.

Drupal hosts include Acquia.

If you’re using a static site generator, like Gatsby or Hugo, consider using Netlify.

How to Redirect Your Site from HTTP to HTTPS

Once you have your SSL certificate, you’ll want to redirect your old HTTP URL to the new HTTPS URL.

http://example.com → https://example.com

This way Google and other search engines will crawl the new site and stop displaying the old HTTP pages in search results.

WordPress site owners can use the All in One SEO (AIOSEO) plugin to perform this redirect. It’s easy.

All in One SEO (AIOSEO) is an established plugin with over 3 million users and thousands of 5-star ratings on WordPress.

Download the All in One SEO (AIOSEO) WordPress Plugin

First, download and install All in One SEO (AIOSEO).

Then, in your WordPress admin bar, mouse over the AIOSEO icon and choose Redirects from the drop-down menu.

In the new window that’s opened you’ll see several tabbed options.

Click the Full Site Redirect tab.

Scroll down to Canonical Settings and click the toggle button on.

That will open a new window with a few options.

At the top, you’ll see your old http address displayed and the https one you’ll be redirecting to.

Now, click the toggle button next to Force a redirect from HTTP to HTTPS

Optional: Below that you’ll see a drop-down menu that gives you an option to add or remove www to/from your domain.

Scroll down to click the Save button at lower right and you’re done.

Note: Some web hosts automatically redirect HTTP to HTTPS. But many do not. Check with your host to find out whether you’ll need to execute the redirect yourself.

Bonus Tips on HTTPS and SEO

• If you’ve just moved to HTTPS, be sure to update Google Search Console and Google Analytics so the correct URL is tracked.
• Fun fact: You can visit any HTTPS-enabled website to view its SSL certificate information. In the browser’s address bar, click on the lock icon. Then click on “Connection is secure” and choose “Certificate is valid.” A pop-up window, called the Certificate viewer, will appear.

Q&A on HTTPS and SEO

What’s Next?

We hope this post helped you learn how HTTPS encryption can improve your search engine optimization and support conversions.

You can also check out our article on how to boost your SEO without expert help and our complete blog SEO checklist.

If you found this article helpful, then please subscribe to our YouTube Channel. You’ll find many more helpful tutorials there. You can also follow us on Twitter, LinkedIn, or Facebook to stay in the loop.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. We only recommend products that we believe will add value to our readers.