For over a year now, Google has been prioritising HTTPS websites in its organic search results. If there are two pages with duplicate content, Google designates the HTTPS page as the original and penalises the other.
From January, the emphasis on secure connections will also be reflected in Google’s most widely used browser, Chrome.
The new browser (Chrome 56) will mark unsecured websites that send data via forms (primarily passwords and payment card details) directly in the address bar as ‘Not secure’. In future, however, Google is considering a more prominent red warning, which could well scare off many less tech-savvy users.
The change will affect e-shops and websites where you can shop online or log in to a customer profile the most. Open-source content management systems – such as WordPress – could also face issues. This is because WordPress sites often have an admin login page. Due to such a minor detail, sites would unnecessarily receive negative points from Google.
What is HTTPS?
HTTPS is a protocol through which a user connects to a server to view any website securely.
Only websites that have an SSL (Secure Sockets Layer) certificate can use this protocol. This certificate is issued by several global authorities based on uniform security criteria. Put simply, to obtain an SSL certificate, you must only send encrypted data between the server and the user.
With an encrypted connection using HTTPS, it is impossible for anyone to intercept the connection between the user and the server and alter the information before it reaches your computer. Without this encryption, it is much easier for hackers to steal login details, card details and the like.
There are different levels of security for different website requirements. Nevertheless, every website that transmits user data should have at least some form of certification.
How do you obtain an SSL certificate?
Certificates are issued by certification authorities – such as Thawte, Symantec, GeoTrust, or RapidSSL.
Your developer will then ‘deploy’ the certificate to the website, and the site will start operating on the HTTPS protocol. Certificates are issued for a specific period and need to be renewed regularly.
A faster and more secure website
For clients who use our hosting and have an SSL certificate, we can set up the more advanced HTTP/2 protocol. This protocol can speed up website loading by up to 30%. As a result, even graphically demanding pages load almost instantly for users. Why is this important? Internet users are not willing to wait. Slow loading times are also penalised by Google in its search algorithm.
The HTTP/2 protocol itself does not encrypt data; it is the SSL certificate that secures the connection. In other words, HTTP/2 cannot be deployed without a certificate. You therefore gain all the security benefits, plus speed. Both will also have a positive impact on your SEO results, at least when searching on Google.