SSL & SEO: What You Need to Know

Matt Crowley - September 17, 2014

There has been a lot of talk lately about Google’s decision to make site security a ranking factor for Search Engine Optimization (SEO). But whether or not you switch from an unsecure site (HTTP) to a secure site (HTTPS) currently has very little to do with SEO. There are bigger questions to consider, including the size of your website, what your website is used for and what kind of resources you have to implement and manage a secure site.

Let’s look at some basics:

What Does Site Security Have to Do with SEO?

By making site security (that is, whether or not your domain is secured with an SSL certificate) a ranking factor, Google has signaled that it will take site security into consideration when determining which pages to rank. But it’s important to note here that site security is one of many ranking factors that Google looks at when determining which pages to rank.

If, for example, you and a competitor are neck-and-neck in terms of optimization, Google may look at your HTTPS domain and choose to rank it higher than your competitor’s HTTP domain. But, if your competitor takes pains to improve site speed (another ranking factor), any rankings you may have “won” over your competitor by switching to HTTP may be lost.

This is another way of saying: don’t panic. SSL is one of many ranking factors Google is now using. It is not going to get you from Page 5 of the Search Engine Results Pages (SERPs) to Page 1.

It’s important to remember that SEO does not live in a bubble. You should not invest in site security just to gain rankings. There are many other important considerations and implications that go way beyond SEO.

Are Other Search Engines Using SSL as a Factor?

As of now, Google is the only search engine using site security as a ranking factor, but this could change. Often, when Google makes a change, Bing follows.

What Are the Benefits of Going Secure?

Aside from the (potentially nominal) SEO benefit, there is also the benefit of users gaining perceived value by seeing HTTPS as opposed to HTTP in your URL. This is why pages on banking websites are secure, even when the pages do not pass user information.

Who Should Invest in Site Security?

The trend toward site security isn’t going away. Large to medium websites, particularly ecommerce, health or financial websites, can benefit by going entirely secure – even if the only current benefit is user perception.

What Are the Issues to Consider when Switching from HTTP to HTTPS?

There are a number of important factors to consider when it comes to switching to a secure site. These include:

1. Cost – Moving from HTTP to HTTPS requires the use of an SSL certificate for your domain. If you have additional domains or sub-domains, you may need special or multiple certificates. These certificates must also be renewed before their expiration date.
2. Certificate requirements – There are two important requirements to consider here – the type of SSL certificate your hosting set-up requires (dedicated or shared) and the type of SSL certificate your PCI vendor requires (if you are using one). It’s important to gather this information before investing in an SSL certificate. At the end of the day, you should purchase the SSL certificate that fits both your host’s and your PCI vendor’s requirements.
3. Resources – Making the switch from HTTP to HTTPS requires a significant time commitment on behalf of your development team, who will have to put all of the building blocks in place to make the change possible, and then perform testing to make sure everything was implemented properly. Your SEO team should also be consulted to make sure all of your pages are redirected properly.
4. Additional SEO factors – Whenever you make a change to your website, there are SEO factors to consider, such as page load time and whether or not redirects were implemented properly. A knowledgeable SEO expert should be consulted to ensure that all of the necessary changes are put in place correctly.

What’s the Bottom Line?

At the end of the day, we would never suggest making a change this dramatic simply because it’s a ranking factor. Securing your entire site requires a huge investment and an understanding of all of the elements that must come into play in order to switch from HTTP to HTTPS successfully.

Long term, having a secure site will likely be beneficial – for both rankings and for user perception – but this is not an emergency. It’s much more important to make the change to SSL when you have the time and resources in place to carry it out.