You may have heard about Google’s latest announcement (Aug 6th, 2014). Here’s an excerpt from it:
…we’re starting to use HTTPS as a ranking signal. For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. — Google Webmaster Central
If you want to read the official announcement, you’ll find the complete version here.
So what are HTTPS and SSL certificates and how do you go about adding HTTPS encryption to your site? Keep reading and you’ll find out.
HTTPS and SSL Certificates
When browsing the Internet, you’ll find ‘secured sites’ with a URL that starts with https:// or ‘unsecured sites’ with a web address that starts with http://.
The only difference is the “s” at the end, but it’s an important character.
When browsing an https:// site you’ll also see a “padlock” icon, and its location will vary depending on your browser, but most browsers will display it somewhere near the address bar.
What did these webmasters do to get their website address to start with ‘https’?
They purchased an SSL certificate or Secure Sockets Layer certificate. This certificate is a digital security file that encrypts data sent from a browser to a server, so hackers can’t access this information. Obviously, this is extremely important when dealing with credit card information, passwords and other sensitive data. Large online stores like Amazon definitely encrypt your personal information.
But what about Mom and Pop’s small e-commerce websites?
In the past, many webmasters would ‘bypass’ the SSL requirement by implementing a third-party solution that would still process payment information in a secure fashion, but it would be done elsewhere. This does NOT mean your information wasn’t secure. Far from it. It means that if you purchased a service from site X, you weren’t ‘purchasing’ it at site X, you were sent to PayPal first. This is where your personal information was collected. PayPal’s SSL certificate protected your personal information from hackers.
Many people rely on PayPal’s expertise to keep your credit information safe, which in my humble opinion, is a great idea. Let the experts be experts in what they do best.
So do YOU need an SSL certificate?
If you have an e-commerce website, you’ll want to process your transactions via an SSL certificate (on your own site or on a third-party payment gateway solution) but with Google’s latest announcement about how SSL certificates will affect search engine rankings, it may be a worthwhile investment. SSL certificates range in price and they also come in various ‘authentication levels’. Keep in mind that you’ll have to renew it each year. If you have an e-commerce that relies on free traffic from Google, even if you don’t process payments on your own site, it may be worth investing in an annual SSL certificate to maintain your source of free traffic.
What about those who don’t have an e-commerce site?
It seems that hackers will hack whatever is placed in their path, including simple email addresses and passwords. Considering that many folks use the same password for multiple websites, hackers may use your seemingly innocent data to do significant damage elsewhere…
So if you collect any kind of data from your visitors, it’s probably best to purchase an SSL certificate. (And it certainly won’t hurt your rankings at Google!)
But what if you don’t collect any type of personal information, should you worry about this? I won’t get into the important marketing topic that involves ‘starting to build your email list now!‘ but nobody knows for sure.
Who wants to be on Google’s bad side when it comes to free traffic?
I’m still thinking about this latest Google announcement, and I’ll be running a test experiment to find out if it’s worthwhile. I’ve got a few personal sites. I’ll install an SSL on one of them and see if I notice any difference in traffic once it’s implemented.
Where to Get an SSL Certificate?
If you want to purchase an SSL certificate, there are many options. I recommend GoDaddy’s SSL certificate, which I’ve used in the past to secure client’s websites.
Ready to get started with your newly purchased SSL certificate? Make sure to read this important article posted by Google to help you out: How to move a site with URL changes.