Definition
HTTP stands for “Hyper Text Transfer Protocol”, the primary technology protocol on the Web that allows linking and browsing. This is the technology used to communicate between web servers and web users.
HTTPS is “Hyper Text Transfer Protocol” with Secure Sockets Layer (SSL), another protocol primarily developed with secure, safe Internet transactions in mind. The acronym SSL stands for Secure Sockets Layer. SSL is a secure encryption Web protocol used to make data safe when transmitted over the Internet. SSL is necessary on any site where there is confidential information being collected or downloaded from the user such as eCommerce, banking, recruiting or any website with sensitive data. Users will know if there at a secure site as the ‘https’ in the URL, but also a lock symbol on their browser address bar. The number of secure websites now exceed the unsecured ones, with 42 million HTTPS to 16.5 million HTTP (see current stats).
Differences
Why do some choose HTTPS over HTTP? There are several reasons and several pros and cons of each.
HTTP focuses on how information is presented to the user but doesn’t get involved on how that data gets from Point A to Point B. HTTP is faster because there is less data to send because it doesn’t attempt to remember anything about the previous Web session or anything about the user or sender. This is great because there is less data to send, and that means speed. Another reason some choose HTTP over HTTP is cost, in application hours, SSL certificates (roughly $70 per year with Godaddy) or additional hardware.
HTTPS uses the Secure Sockets Layer (SSL), and is secure because it uses SSL to move data. SSL takes the data, going or coming, and encrypts it with mathematical algorithms. HTTPS differentiates one sender and receiver from another. This increases the trust and credibility of the website not just to the user but to the search engines. An SSL certificate “makes the issuer a trusted third party. When your browser sees the secure Web site, it uses the information in the certificate to verify that the site is what it claims to be.” (BizTech)
Ranking
In 2014, Google announced that HTTPS serves as a lightweight search signal in an attempt to raise awareness of online security issues and encourage more webmasters to get SSL certificates for their websites.
“Today we’d like to announce that we’re adjusting our indexing system to look for more HTTPS pages. Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page.”
Granted, its not going to send your website speeding to the top or even first page if you’re not focusing on the other 200 other factors that Google uses to rank your site. But it could help improve your overall SEO strategy.
Security
Another benefit is that you’d be providing an additional layer of security to your users, as recent legislation passed will reinforce the value of this security to your users.
“Congressional Republicans wanted to kill landmark privacy regulations that would soon ban Internet providers, such as Comcast and AT&T, from storing and selling customers’ browsing histories without their express consent.” It passed on March 23, 2017 without much fanfare. (Washington Post).
Why is it more secure? HTTPS solves that problem by encrypting the communication end-to-end so that only your computer, smartphone or tablet and their server can see what data gets transmitted. Additionally, HTTPS provides a mechanism to guarantee authenticity so you can verify that you are connected to the right server as long as the green lock icon displays in your address bar.
Searchability
Your ranking higher page ranking, as Google announced in 2014, that it would give a slight boost to the sites that were secured.
“We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal. For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.” – Google, 2014
Don’t think your website will now float to the top magically because as they said it’s a ‘lightweight signal’ in their ranking system. In fact, you may even see a slight drop in ranking as your domain name will have to change from http://mysite.com to https://mysite.com, so it’s important to tranfer it correctly. Yet having a secure website is only one of the over 200 factors that Google uses to ‘score’ or rank your site as a trustworthy, credible source of information. These 200 factors can be broken down into three main categories, (1) Age, (2) Authority, (3) Content, hence an HTTPS site will help build your authority with Google.
How to Transfer Over
It’s not that hard to transfer it over, but I would suggest you call a website developer, online IT technician or even your hosting support team to help with the process.
- Get a security certificate and install on the server. Certificates usually run between $70 and $120 per year depending on your hosting company.
- Update references in content. You can use a search-and-replace plugin on your database to help with this process. Don’t forget to update the references (url) in scripts, images, links and so on are either using HTTPS or relative paths.
- Update backlinks or external references to your website. Go through your social media, directory listing and any other references to your website to make sure they’re updated as well.
- Update your sitemap.xml and robots.txt files. Again just making sure all references are correct.
- Force HTTPS with redirects. Set up a redirect from HTTP to your new HTTP status with permanent redirects (301 — or less supported 308) instead of temporary redirects (302 or 307).
- Submit the change to Google, Yahoo, or other search engines. Notifying search engines on your update can hasten the update on your search results, but it will happen regardless as they crawl your website usually within two to six weeks.
Call a professional web designer, web developer or webserver administrator if you need help with the transfer, as it can be a bit frustrating as link errors, broken links, failed redirects and redirect chains are almost always issues. But any temporary frustrations will be worth it with the confidence, authority and improved page ranking you will see.
Legislation regarding Internet Privacy:
