Blog

How SSL Affects SEO

How SSL Affects SEO

  • Post author:

A common question I often see bouncing around is whether or not a good/valid SSL certificate is beneficial to a website’s overarching SEO strategy.

It’s a good question and deserves a proper answer, which is what I’m aiming to provide in this article. But first of all and just to make things clear I’m going to rattle through a few pre-cursor points…

Contents:

What is SSL?

SSL stands for Secure Socket Layer and it’s a standard security technology for establishing an encrypted link between a server and a client. Basically, it lets your web browser know that your internet connection with a website is safe.

Below is an example of our website’s domain (which has a valid SSL) in the address bar. Note the secure padlock!

When was SSL implemented?

Well, the SSL protocol was actually invented and introduced in 1994 by Netscape. However, it wasn’t used by many websites until a few years back and as of April 2018 33.2% of Alexa’s top 1,000,000 websites now use a secure connection. Although it’s likely that this number is far higher now.

Why was SSL introduced?

SSL was introduced because it became apparent that the internet was growing at a tremendous pace and there was a need for transport security in web browsers that would ensure both customers and webmasters’ personal data are protected.

Why you should use SSL on your website

There’s a few very good reasons for using SSL on your website, not just from an SEO perspective but from a security and user experience point of view as well. The main ones are:

An insecure connection deters users

No, I don’t mean a connection that feels self conscious. *babum tss*

Since 2018, web browsers have been displaying a “Not Secure” message in the address bar for any website that doesn’t utilise a HTTPS (Hyper Text Transfer Protocol Secure) connection to their server. Examples below:

A HTTP (Hyper Text Transfer Protocol) connection:

A HTTPS (Hyper Text Transfer Protocol Secure) connection:

Now, would you continue browsing through a website that’s being labelled as “Not Secure”? I definitely wouldn’t. Especially if I’m buying stuff.

It protects yourself and your customers

An SSL connection to a website ensures that any personal data yourself or your customers use on the website is 100% encrypted, which means it can’t be accessed and stolen by a 3rd party hacker. Happy days!

It is important for SEO

Wow – the big reveal already?! Yes, of course a valid SSL certificate and HTTPS URLs are incredibly important for your SEO strategy.

In a world where major corporations and innocent customers are having their personal information stolen and leaked for all to see, it’s absolutely paramount that you lock your website up tight and keep it as secure as possible to protect yourself and your customers from any attacks.

But why does this matter for SEO?

It matters because Google and other search engines’ want to make life easier for the consumer and provide the best user journey possible.

Therefore, Search Engines will read your website and rank it based on an array of factors (some of which I go in to here), one of them being whether the website is dangerous or illegitimate. A valid SSL certificate and HTTPS URLs gives Search Engines a very clear green light that your website is safe for the user and it will therefore reward you with higher rankings.

How do I check if my website has an active SSL?

It should really stand out if your website doesn’t have an SSL certificate, as I mentioned above your URL in the address bar at the top of your browser would display a “Not Secure” message and look a little something like this:

However, another way to check if your website has a valid SSL certificate is to use tools such as SSL Labs which allows you to enter your domain name for it to conduct various checks on your website domain’s SSL. If your website doesn’t have an SSL, it will definitely be flagged here.

How to implement SSL on your website

Implementing SSL on your website has never been easier – you don’t even have to pay for the certificate anymore! Below are the steps you should take to successfully implement SSL on your website.

Upload a valid SSL certificate to your server

There are various ways to acquire and upload an SSL certificate to your website’s hosting server. These days, most hosting platforms such as Plesk and cPanel already come with a free Let’s Encrypt SSL certificate that just needs activating.

However, if your hosting doesn’t include a free SSL you can just download one for free from the Let’s Encrypt website and upload directly to your hosting platform. Easy!

Redirect all URLs to their HTTPS variant

The next step would be to redirect all of your existing HTTP URLs to a HTTPS variant; this is the only way to establish a secure connection with the SSL. There’s a few ways this can be done, which I’ve listed below:

Update your .htaccess file with a redirect rule

Updating your server’s .htaccess file is the recommended route I’d take as it guarantees all HTTP URLs are automatically 301 redirected to a HTTPS variant without the need of a 3rd party tool or implementing a manual redirect list.

The steps for this are fairly simple:

  1. Locate the .htaccess file in your server – this is usually within the root folder of your control panel
  2. Copy and paste the below code in to your .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

Enabling HTTPS redirection in your hosting platform

Some hosting platforms allow the user to enable automatic HTTP to HTTPS URL redirecting within the user interface. In which case, you should always have this enabled when a valid SSL certificate is uploaded. Below is an example from the Plesk user interface:

Installing a plugin to do it for you

Installing a plugin to handle your HTTP to HTTPS redirects is definitely a viable option, especially if you use the WordPress CMS (Content Management System) due to its wide array of options, but definitely not my favourite as I like to limit the amount of plugins being used in a CMS where possible.

However, the benefits of using a plugin is that there’s absolutely no need to touch your server or hosting platform as it’s all handled within your Content Management System.

Below are a few example of free WordPress plugins you can install to handle HTTP to HTTPS redirection site-wide:

Analyse and test!

My final step for SSL implementation is to ensure that each URL on your website has been successfully redirected from HTTP to its HTTPS variant and in the correct way. To do this, we must keep an eye out for:

  • HTTP URLs that are still providing a 200 (success) responses and loading without redirecting to its HTTPS variant. Any URLs that are will need individually investigating and rectifying, perhaps using manual redirects.
  • URLs that are redirecting to their HTTPS variant, but using a temporary redirect (302, 307 etc) as opposed to a permanent redirect (301). These will need switching to a permanent redirect to ensure search engines are recognising the correct variant of the URL.

There are various tools at your disposal to analyse your website’s URLs and check for errors, but my favourite would be Screaming Frog’s SEO Spider that allows you to crawl up to 500 website URLs for free and provides you with a bag load of useful information.

What sort of results can I expect to see?

The level of results you see after implementing SSL and HTTPS URLs will ultimately vary depending on your website and the competitiveness of the search terms you wish to rank for. Needless to say though, your on-site conversion rates and visibility in search engines will get better.

Below is a snippet from from one of our client’s case studies:

Macpactor

Macpactor’s website was in dire need of some attention when we took it on in January 2020 as it had a number of significant Technical SEO issues that needed rectifying; one of them being a lack of SSL and insecure HTTP URLs.

Within the first week we’d uploaded a valid SSL certificate and 301 redirected all URLs to their HTTPS variant and the results we saw were very promising:

The above graph plots the daily average rank for all of the keywords we track as part of Macpactor’s SEO campaign and, as you can see, there was a significant uplift from the first week onwards as Google began reindexing the secure HTTPS URL variants of each page.

Full disclosure, this was in and amongst other technical changes but SSL implementation was the most significant quick-win.

And that’s that.

Thanks a million for reading, I hope to have done a good job of answering all your questions regarding SSL and its impact on SEO. However, if you have any questions please feel free to get in touch here or if you’d like to take advantage of our free SEO audits, click here!

Cheerio.

dan

Dan is the Founder & Director of Mac & Hat. He enjoys all things SEO, writing and being fun at parties.

Leave a Reply