Today’s post is more of a run of thought processes rather than a guide or tutorial. For many individuals and teams that work within the web development and digital marketing circles it would have been hard to avoid the news that in the latter part of 2017.
A Google Chrome browser update was planning to display a non-secure warning message on webpages capturing data on a non-secure HTTPS page. Data such as signing up to mailing lists, newsletter signups & logins were flagged as offenders. The Chrome update on the surface make perfect sense; to protect the visitors from unscrupulous cross-site attacks and I would agree. No arguments from me there! I’d also like to point out the possibility of a detrimental impact on organic search visibility and search rankings caused by switching to sitewide https on an established site. In no perticular order of standing, below are are handful of my thought processes leading into this article:
HTTPS as a ranking signal
As you may already know, a few years back, Google started to reward sites switching to sitewide HTTPS with a slight ranking signal boost.
Noteworthly SEMRush article on HTTPS signal boost: >https://www.semrush.com/blog/https-just-a-google-ranking-signal/
Exactly how much of a ranking signal boost has ‘from what I know’ never been disclosed in detail. If I was to give it a ballpark figure I would guestimate around ~1-2% overall ranking signal? It may be slightly lower or higher, however I would guess it’s around that percentage figure.
301 redirect link equity loss???
Inbound links to a site are ‘in my opinion’ the single biggest ranking signal. I would again guestimate somewhere around the region of 45%-50% overall ranking signal. It could be even higher than that, many times I have seen pages ranking for terms they shouldn’t be ranking for, when you drill down to the technical, content and equity aspects its usually links that achieved the end result.
Anyhow, to implement HTTPS on an established page that’s already indexed in Google organic search it’s very probable a 301 redirect will be involved. For clarity it would involve redirecting/switching an existing HTTP page over to the HTTPS protocol via a 301 redirect.
Experienced SEO’s and digital marketers know that 301 redirects pass link equity and authority from the source URL over to the target URL. Now here’s another grey area, we know that 301 redirects pass link equity right? Do we know exactly how much link equity is passed? Not really! It is however widely accepted that 301 redirection passes around 85%-90% link equity to the target URL.
>Cyrus Shepard over at Moz suggests around 15% link equity is lost by a 301 redirect. His posts on redirects is certainly worth a read, here’s the link: >https://moz.com/blog/301-redirection-rules-for-seo.
More recently Google engineers Gary Illyes and John Mueller have openly said 301 redirects no longer lose any Pagerank (link equity). It would be down to relevancy, and the quality signals of target URL if ‘any’ link equity is passed along results in a boost in visibility. John Mueller has publically mentioned that no link equity should be lost by redirecting a like-for-like HTTP page to HTTPS page. Personally, my instincts and experience tells me there’s still a slight loss in link equity, despite what the Google engineers say.
Now that we’ve established that Google engineers have confirmed no link equity should be lost, I suppose it’s time we drill down in to the technical aspects.
Website speed; back in the day having HTTPS enabled slowed down a website. It took time and server resources for a webpage to enable the HTTPS/TLS connection, nothing significant but enough for developers to only enable HTTPS on login-walled pages such as customer account logins and checkout areas. Technology has moved fast, internet speeds and server resources are now 10x faster and cheaper. Enabling sitewide HTTPS in this day and age should not slow page loads, if it does the server/CDN requires further optimisation. Further reading: https://www.keycdn.com/blog/https-performance-overhead/
SSL Certificate Quality; there’s numerous types of SSL Certs to choose from such as Extended Validation (EV) that turn the browser address bar green, and there’s free SSL Certs from providers such as Let’s Encrypt. I strongly suspect that within the Google algorithm, hidden away from view is a signal that analyses SSL Certificate quality and strength. With no evidence to back this up I will move on, but it’s certainly worth considering and something I plan to investigate and write about in the near future.
Existing Redirects; websites that been around for a while are likely to have gone through architecture iterations and platform changes. So it’s very probable there’s dozens, hundreds if not thousands of existing redirects in-place. Over time it’s probable that numerous redirects are in place for the same destinations.
Example: html to asp and then on to SEF URLs. Adding another 3xx redirect into the mix could cause equity dilution. Redirect chains can and do cause link equity dilution, in my opinion generally after the 3rd hop. I would certainly recommend conducting a full legacy redirection audit prior to switching to sitewide HTTP. For the interest of this article, let’s assume it’s a single hop to HTTPS.
Here’s another major impacting factor to consider, other websites switching to sitewide HTTPS. The warnings from Google Chrome (and very soon Opera, Safari, Edge, Internet Explorer and Firefox) that website visitors would be met with non-secure page warnings probably scared the living shit out of thousands of development and marketing teams. So it’s likely the websites your teams provide digital marketing support for, have or plan to switch over to site HTTPS. The technical considerations alone such as; page speeds, redirect chains can create an almighty Google dance. What I’m trying to point out is that not all migrations to sitewide HTTPS will be technically the same.
I’m nearing the end of this post now, but hopefully you can get an idea of the thought processes I have taken into consideration. Don’t let above frighten you, it should arm you with more information and the confidence to switch over to sitewide HTTPS. If your website has suffered drops in organic visibility or rankings which you suspect has been caused with switching over to HTTPS then some of the above thought processes may help you diagnose the issues.
I’m available for hire to provide advice and technical support for websites looking to switch over to HTTPS, If you have already took the plunge and loss organic visibility I can help diagnose the reasons why. I have successfully helped to migrate a number of established eCommerce sites over to sitewide HTTPS.