An in-depth analysis of the HTTPS settings of about 10,000 domains has revealed the following statistics:
- Only one out of every ten websites seems to have a HTTPS setup that is correct
- 60% of websites across the world do not have any HTTPS
- At least one in every four domains is missing out on a canonical HTTPS version
- 25% of the domains are making use of the 302 (temporary) redirects in place of the 301 (permanent) redirects
Now, let us go on to find out why HTTPS matters:
One good answer for this question is because Google says so. Among 200 odd factors, HTTPS is one of the ranking signals that Google considers while ranking websites. However, this is not the only ranking signal. In case your website is aligned with all the other ranking signals, HTTPS can probably take you one notch higher. Nevertheless, the trick lies in getting it right, which even the big websites sometimes fail to do. If you do not have the right HTTPS setup, very soon Google’s Chrome browser may display a lock with a red X in the address bar whenever a user visits your webpage. Very soon the other browsers will follow this policy.
The main reason most website owners choose not to setup HTTPS is the cost. This requires a lot of encrypting which might cost you in terms of costs, additional hardware, SSL certificates, engineering hours, CPU cycles and bandwidth. Yet, if you need the benefits that HTTPS can bring to you, you will have to bear these costs.
Benefits of HTTPS over HTTP:
In case you have not yet decided to switch over from HTTP to HTTPS the following benefits that HTTPS has over HTTP can help you make up your mind:
- Better protection and Website Security: HTTPS makes use of SSL or Secure Sockets Layer that protects your website from hackers. Once they see HTTPS, your users will be assured that their personal data is secure on your website. Especially if yours is an ecommerce website, this can help in increasing your online sales in a remarkable way.
- Secure DNS Infrastructure: The DNS Infrastructure offered by a HTTPS website is a much more secure when compared to that of HTTP. There is more encryption in HTTPS which offers confidentiality, identity and integrity. Without your knowledge nobody will be able to alter the information that exists on your website.
- Top security for browsers: When compared to HTTP, HTTPS offers better security to browsers. The logins and passwords they use will have a better chance on not being hacked by anyone. The data that they enter will be secure and no one will be able to monitor or track down their searches.
It was just a few years before that Facebook had a HTTP login page. This enabled many hackers from the Middle East steal the logins and passwords of many users by injecting a JavaScript. Once Facebook implemented HTTPS, it became much more secure and thus a whole lot more popular. One thing that can be surely said is that Facebook will never ever move back to HTTP again.
So, what do you have to keep in mind in order to get the HTTPS settings right?
- Only use one URL-serving the content: There should be only one canonical version of your web content. This will help your users get redirected to the correct website. For instance, the user may typehttps://www.reddit.com, http://www.reddit.com, http://reddit.com and be directed to the same website https://www.reddit.com.
- Always make use of permanent redirects: The use of temporary redirects is not advisable, although many of the websites stick to this practice. Using permanent redirects will help you pass along the link juice in a reliable manner. This will help in maximizing your SEO.
- Make sure all the redirects display the right content: Too many redirects would mean slow loading speed of your website which might increase your bounce rates. Using redirect loops is not good for your website. While reducing the prospects of conversions, this will also affect your SEO negatively.
A few years ago, getting an SSL certificate was a very costly affair. Not so today. It just takes a few dollars to get that SSL certificate and make your website secure using HTTPS. No more excuses. Make the change to HTTPS. Google is already pushing websites to adopt HTTPS and it will keep providing more and more incentives in future. Now, it all depends on how fast you adopt to HTTPS.
