Those of you still using HTTP sites are in for a big change occurring on June 30 of this year. If you’ve ever used Chrome as your main browser, they’re going to enact changes to block all HTTP sites in favor of sites using HTTPS.
While this might sound shocking that a major browser will leave HTTP sites out in the cold, it’s for everyone’s own security.
Take a look at some facts about this update, and what the implications are. You’ll see why it’s beneficial for you to switch to HTTPS for the security of your own site and online customers.
Chrome’s Death Knell for HTTP Sites
With Chrome 68 coming out on the first of July this summer, many analysts think it’ll become the final nail in the coffin for those still using the HTTP website designation.
Much of it has to do with the increasing problem of security breaches occurring daily through websites and browsers. Many people are becoming exasperated at the thought their personal data could be compromised from sites dealing in e-commerce.
Since HTTP sites are going to become labeled “Not Secure” on Chrome, you can see what kind of impact this is going to make on new visitors.
As Chrome says themselves, 81 of the top 100 sites on the web use HTTPS by default. This should give you full confidence in being able to transition over to HTTPS. Even so, you do have numerous steps you’re going to need to take.
What Are the Implications if You Don’t Switch?
The chances are good you’d end up at the bottom of all search engine rankings if you don’t switch after this summer. Don’t think Chrome doesn’t matter, because it’s still one of the leading browsers in the world.
Firefox started the entire chain of events leading up to Chrome. Any HTTP site you run across on their updated browser will give you an immediate message it isn’t secure enough to use.
Falling to the bottom of search engine rankings can obviously become devastating, and it explains why a lot of businesses have already made the switch. Yet, the transition from HTTP to HTTPS can sometimes cause a temporary drop in rankings.
Another risk is making mistakes during the transition, causing further ranking issues, or technical problems lasting for months.
So what steps should you take to make switching to HTTPS easier? Let’s look at some actions you can take now to make the evolution occur a little smoother.
Obtaining Your SSL Certificate
You can start by getting your security certificate to ensure your site becomes designated as secure. It’s usually recommended you acquire one with a 2048-bit key, a standard since 2013.
The hosting company you go through is the best place to get your SSL certificate. They’ll typically help install it for you to save you the time and trouble. However, it’s still possible to get one from any certificate authority.
Server-Side 301 Redirects
By taking care of all your redirects from HTTP to HTTPS, you’re ensuring anyone won’t accidentally land on an HTTP page. What’s most important with your redirects is to not have two existing versions. Otherwise, search engine crawlbots are going to become confused and lead to duplicated content issues.
In the world of Google, this could prove disastrous and affect your SERPs.
Keep in mind you’ll also have to redirect all internal links on your site. Other resources like images, downloads, or scripts all need redirects as well. The point is to get rid of unnecessary redirect chains. Some of these might become unnecessary, and eliminating as many as you can helps eliminate any chance of slow load times.
Preventing Indexing Issues
Since your rankings all depend on how Google crawlbots scan your site, you’ll want to revise your robots.txt. You’ll also want to avoid using the “noindex” tag. The latter could end up affecting ranking results without a full check.
To make this more thorough so you still rank high, you might want to use an audit tool to check everything over. In some cases, this might mean having a professional do this for you so you’re sure you caught everything.
Considering Google penalizes on just the smallest thing, you need to look over every detail. One thing many overlook is misleading tags. Whether using canonical, alternate, or hreflang tags on your site, be sure to reset them to HTTPS.
Fixing Unencrypted Resources on Your Site
Another issue might occur where you end dealing with mixed content. This is when you have other unencrypted resources (like images) on your site using HTTP. Even if the site is still loading in HTTPS, these other HTTP resources could still create security vulnerabilities.
Browsers put up warnings that a site has insecure parts to it, and that can obviously still hurt you.
Switching all of these resources to an absolute HTTPS URL is going to take some work, though it’s worth it in the end. A professional web designer well-versed in HTTPS issue can help you change images, videos, web fonts, or internal JS and CSS files.
You may have to retest everything to make sure you caught everything and you’ve properly done the HTTPS transition. Plan for some patience as you keep testing and continually tweak things.
Create a vulnerabilities checklist and go over each thing to make sure you found the things listed above. A lot more may need fixing than what’s mentioned here.
In addition to the above, take time out to conduct an SSL server test. One through Qualys is free. It only takes a few minutes for the scan to complete and give you a grade.
If you find any issues through this test, get in touch with your host to resolve these problems as quickly as possible.
Moving Your HTTPS to Your Google Search Console
Last, you need to let Google know you’ve switched to HTTPS. Create a new sitemap and submit it to Google to make the transition faster.
Switching to HTTPS doesn’t necessarily mean you’ll experience a rankings boost. The key is to avoid dropping in rank and maintaining where you placed without traffic dips.
Visit us at Ndevr to use our web development expertise so we can help you transition to HTTPS without drama.