A website’s use of the secure protocol — as evidenced by the HTTPS designation and the presence of a security certificate — is a priority for search engines. But recent changes to Google Chrome make it important for web browsers, too.
HTTPS and Browser Behavior
Google is tackling the security challenge across the web via its Chrome browser. This week, the Chrome team announced that all web pages without an HTTPS certificate will display a “Not Secure” label in Chrome 68, scheduled to be launched in July 2018. Previously, the “Not Secure” label had been reserved for pages with form fields, such as password logins, shopping cart checkouts, and site-search boxes.
Chrome 68 will display a “Not Secure” warning for all pages that have not migrated to HTTPS.
While browser behavior isn’t typically considered natural search marketing, it does impact searchers’ perception of the quality of your company.
Natural search is an excellent way to expose more people to your brand, and rekindle the interest in those who already know of it. The experience they encounter on their visit to your site will create a strong impression.
Seeing a warning in their browser that the site is not secure can signal that it is risky or low quality. It could cause the searcher to leave and choose a competitor. Moreover, an increase in quick bounces could trigger in search engines a rankings decrease, based on the presumption that searchers are not finding what they want.
Thus a change in the security labeling for a widely used browser like Chrome could impact natural search performance.
In addition to Google’s heightened Chrome warnings, Safari and Firefox, the other leading browsers, also provide security signals in their address bars.
Google has long been vocal in its push for a more secure internet.
Google’s rankings boost associated with HTTPS is based purely on the letters “HTTPS” in the URL, as opposed to the existence of a valid certificate. That means that even insecure pages could receive a rankings boost if they masquerade behind an HTTPS notation. This seems like a pretty weak effort from the search giant, but it reportedly decided to focus on other areas in the algorithm.
Still, in the competitive world of search engine optimization, even a small boost in rankings could give you the lead over a competitor and create additional natural search revenue.
Bing, the world’s second largest search engine across desktop and mobile devices combined, considers the security of the site to be a matter of the owner’s choice, rather than a ranking signal. Bing does not, reportedly, provide a rankings boost for HTTPS.
Migrating to HTTPS
Migrating to HTTPS isn’t as simple as purchasing a security certificate. Everything from images to links to 301 redirects is involved. The process is often complicated.
Much of the complexity involves SEO, as the migration should preserve organic rankings. It should be treated as any other URL change or technical migration. Search engines consider HTTP and HTTPS as different URLs. Thus HTTP and HTTPS can be indexed simultaneously and create duplicate content that competes for rankings and splits link authority between different versions of the site.
As such, make sure to register and verify in Google Search Console and Bing Webmaster Tools the HTTPS versions of the site and all subdomains — including www and non-www. The search engines use these tools to send you messages about your site’s performance and crawl-ability, which will be vitally important as you migrate.
For a much more detailed list, see contributor Hamlet Batista’s excellent article, “SEO: How to Migrate an Ecommerce Site to HTTPS"