The Caliber Blog

July 28, 2016

Moving to HTTPS for SEO: Good, Bad or Absolutely Useless?





The Short Answer

If you’re planning on switching to HTTPS purely for SEO reasons then no, do not make the switch. We have not observed any specific performance data which shows a correlation between higher rankings & implementation of SSL across our portfolio of clients.
If a client wanted to unilaterally move their website to SSL as part of an internal security upgrade or for other reasons, then we could recommend best practices to ensure SEO visibility is defended and the switch is executed optimally. However, we couldn’t say that doing so will benefit their SEO performance or rankings, as internally we have seen no evidence of it.
However, this is SEO, and things are done on a case by case basis. There are other benefits to setting up HTTPS which should be considered. If you want to discuss this further for your own particular website, then give us a call.

The Long Answer

Answers by Martin Reed, Senior SEO Strategist.

Why is HTTPS important? When should you use it? What is the SEO value of it? Should you make the change or not?

This topic has been covered many times and unsurprisingly everybody has a different opinion. You will find that most blog posts that cover switching to HTTPS aren’t too interested in going in depth, they just want to cover it because everyone’s talking about it. They’ll often say you should go ahead and make the switch because Google says you should.
As an SEO focused agency, Caliber’s position is that you probably shouldn’t – and my personal position is somewhere in the middle. There are other benefits to doing it and if you want to get some of this value then you should probably think about switching, or at least positioning yourself so that you can make that switchover somewhere down the track.

For a really large website is it going to take a lot of work to make the switch?

It can, potentially, yes. It’s not as simple as flipping a switch and everything’s going to work. There’s a long process involved in making sure it’s going to be fully compliant. From an infrastructure point of view, you need to ensure that your servers are going to be able to handle it.
Essentially what HTTPS does is it encrypts all the communications between your browser and the web server. The difference between using this encryption and not using it is that there are additional steps in the process in communicating between your browser and the web server.
These additional steps in the handshake between browsers and the servers add to the amount of time it takes for the data to start being sent and received. So you need to ensure that your servers are capable from a capacity point of view to handle these additional steps.

Is this because site speed is a more important ranking factor than HTTPS?

Site speed is definitely a more important ranking factor than HTTPS at the moment. From a strictly SEO point of view there is minimal benefit in using HTTPS, today at least, and there is much more benefit in having a faster website. This is also true from a user experience point of view, and a conversion point of view. So, strictly looking at SEO, there’s not a lot of added benefit in using HTTPS.
However, it’s not quite as clear cut as that. In the past it was difficult to run HTTPS efficiently, because of the overheads involved and the additional steps involved in the decryption of the data. You needed more time for the data to be transferred, therefore you needed more processing power on the server to handle the same number of requests.
But today, in 2016, we’re at a point where with the right server set up you shouldn’t be negatively impacted by having these added steps. Any performance hit should be negligible because we’re at a stage where we can process it much faster.
A lot of work has been done around improving how HTTPS works at a server level (there are modules available etc.). There are different benefits available in using the technology that should improve overall performance.

How can HTTPS improve the performance of your website? What are the major benefits of HTTPS set up?

So, one of the major benefits in using HTTPS is the ability to use HTTP/2. HTTP/2 allows you to open a single connection between your browser and the server, to transfer all of the files that you need in order to load a page.
Historically, every single file that you needed to load to your page – and by file I’m talking about the actual HTML page, all of the images, the JavaScript, the CSS, the stylesheet, any video files, any media – each one of those files needed to have an individual connection to the server to download it. You’re downloading them one at a time, which means that from a server point of view, it needs to handle many more connections because each file is coming one by one.
It’s hard to say what an average website would have, but it’s common for a website to load nearly 100 different resources per page. I’ve seen some that use a lot more, and some that use a lot less – but if we use 100 as an example that’s 100 different connections that need to be made for a site to load.
With HTTP/2, what you’re able to do is open up a single connection. In that single connection you do the initial handshake, you receive the initial page and then you tell it OK, I need all of these different files and then one by one they get delivered over the same connection. This means you eliminate the need for the extra overheads with individual connections.
If there is a latency issue – a long way to go between yourself and the server – a server in Australia for example, the data needs to transmit half way around the world. This means a few hundred milliseconds of delay added just in transit. If you’re eliminating that transit delay per resource that you’re downloading, then it’s going to speed up the process as well.
HTTP/2 is designed for how we use the internet in 2016. We have a faster internet connection; we’re downloading media rich pages. This allows us to streamline the whole process of downloading all of the required assets for a page.

Surely any big company with a big website will want this new capability that HTTP2 allows? How easy is it to make the switchover for a big website?

There have been a couple of articles posted saying they’ve made the change and it hasn’t quite worked out. So you have to take this into account.
For a smaller website it’s far simpler to make the switchover than it is for a bigger website. For a smaller site you’re going to have fewer pages – it’s just going to be a more straightforward type of website. Whatever size your website is, there are a few key things to consider when you’re doing a migration to HTTPS:
1. You have to make sure you do a 301 redirect from the HTTP version to the HTTPS version.


2. You need to ensure that any canonical tags point to the HTTPS version.


3. Internal links should also all point to the HTTPS. Even though they’re all going to redirect over, you want to eliminate that need for the redirect. When Google is crawling and indexing a website, it doesn’t handle redirects all that well, particularly if there’s a redirect chain where you go through more than one step at a time before you reach the final destination.


4. You want to ensure that all images, JavaScript, all resources on the page are being loaded through HTTPS as well.


5. It is key to set up Google search console for the new HTTPS version of your site, because Google splits the data and they won’t treat it the same as the non-HTTPS version, so before you start you want to make sure you set it up so that you can see the data as it starts populating.


6. Say you’ve hardcoded e.g., you will need to go back through and update the site to point to the HTTPS version, or use what’s called a protocol agnostic version. This is where you leave out the HTTP: and you just do a // followed by the domain, so it retains the same protocol – so HTTP will stay HTTP and HTTPS will link to HTTPS.


7. One more thing on making sure that all of the assets load from HTTPS. Remember that if you’re loading JavaScript from, for example, an HTTP source, modern browsers are going to consider that as insecure content and more often than not will block it from loading. This means that if you have, say, a booking form or some type of functionality that requires the HTTP JavaScript, it’s not actually going to load it because it’s being loaded from an insecure source, which means you could potentially break your website.
There are a whole other raft of best practices to follow. As a general rule you need to ensure that all references on the website, on sitemaps, all point to HTTPS. It’s important to remember that it’s a case by case thing –there is no blanket rule that you should or you shouldn’t do it. This could change in the future of course. If you’re wanting some of the other benefits I have mentioned, then you should consider doing it – HTTP/2 performance being the main benefit.

Are there any other benefits to HTTPS implementation?

Another benefit to consider is the potential improvement of your analytics data. This is due to increased visibility on referrals from HTTPS sites which would previously have been stripped of referrer data and attributed as direct within your analytics platform. In short when a visitor arrives at your HTTP site having clicked on a link from an HTTPS enabled site the referrer data is stripped and the session recorded as ‘direct’ traffic.

However, when a visitor arrives via a link from an HTTPS site to another HTTPS site the referrer data is passed. Likewise, a visit from a non HTTPS site to an HTTPS will also still pass the referrer data. So, the long and short of it is you are going to have increased visibility on your referral sources after making the switch to HTTPS as you will be receiving referral data from both secure and non-secure sites.

Image by Karen Roe used under CC License.


More Strategy, Tactics and Caliber Stuff

Leave a Reply

six + 6 =