HTTPS and SSL as a Ranking Signal
Security is a top priority for Google and as far back as 2014 the internet giants announced that they want to see HTTPS (and not HTTP – the “S” representing Security) being used everywhere. Google is now increasing its focus on this and Google Chrome will now notify a user if a website is secure or not.
Chrome 56 implemented new security settings back in January this year and given that it is by far the most popular browser, web owners will want to think about using HTTPS. When browsing a site via HTTP, which means it is without a Secure Socket Layer (SSL) certificate, you are opening yourself up to potential problems including having your data stolen.
What does all this mean in terms of rankings and traffic and what can you do about it? Since Google has stated it is taking security into account as a ranking factor, we expect this to become more important over the coming months. So here’s some background on SSL considerations for businesses and some actions you should take.
The bottom line is you should invest in getting an SSL cert and the good news is – it’s cheap!
SSL in Action
When a person logs onto an SSL protected site the server responds with a certificate that shows the website is encrypted. The data gets encrypted at the source and decrypted at the users end which stops any unwanted third parties modifying the site before the visitor sees its content.
A green padlock will appear in the address bar of secure sites and it is also possible to see https://. If you are unsure, change the url and manually type in https://www……… (for example https://inspiration.ie) and Chrome will tell you if the site is encrypted or not.
The last couple of years has seen a shift towards more security and lots of sites are now equipped with SSL encryption. This is probably most evident in e-commerce sites where people are handing over personal details such as credit card details and addresses.
One of the biggest benefits to having an SSL certificate, from a user’s perspective, is that it gives people piece of mind. Sites with SSL have lower bounce rates and in many cases longer visit times. Internet users are starting to view the encryption as a quality seal.
Get Your Certificate
So now you know a little bit about SSL you’ll probably want to get a cert. There’s a few straight forward steps in the process. Give us a shout if you need any help along the way.
1. Buy Your SSL Cert
Companies such as SSl.com sell different certificates to suit the needs of your business. Depending on how many domains you have and what way they are configured will determine the most cost effective solution. Costs can be as low as €60 a year for a single site and €150 p.a. for multiple sites.
2. Generate and Submit CSR
Each individual cert requires a unique Certificate Signing Request (CSR) to identifies and protects your website. Most servers can generate a CSR.
Once you have generated a CSR you will need to submit and validate it. You can validate via email and also by file verification where you place a file in the root of the site.
4. Install your SSL Certificate
Once you have downloaded your cert you can install them on your server. Most good servers have helpful guides on the installation process.
The addition of an SSL as part of your digital plan for the year is a good idea as it’s going to be more and more important in browsers such as Chrome and Firefox. The European Union is also taking data protection seriously and new regulations will be in place by May 2018.
If you want any advice on adding security to your website don’t hesitate to get in touch.
Quick Security Tips
Having a secure password has never been so important. The 2 most popular passwords today are 123456 & 123456789. Pretty easy to crack eh? Hackers are finding new ways all the time to access your website.
Your username should also be changed from your standard ‘admin’ to something more specific to you or your company.
A great way to keep your website secure is to update your Content Management System (CMS) regularly. When your CMS is not up to date it is vulnerable to attacks. Here at Inspiration we use the popular CMS WordPress for all our websites – we’re WordPress nuts!!
A CMS like WordPress is very popular and so this means it can be a target for hackers. Keeping the Core and all Plugins up to date helps keep out any unwanted intruders. There are also many plugins which help with keep you safe. One plugin we like to use is Wordfence but we always keep up with the latest plugins and techniques.
If your website has been compromised you may not know it. It’s a good idea to keep an eye out for any signs of a hack as Google may blacklist your website and domain.