In late 2014, Google announced that switching your website to HTTPS would give you a ranking boost. Edward Snowden had leaked NSA documents that showed how the agency was using information from Google data centers, and Google responded with this initiative to help make the web more secure in general. To get that HTTPS address (instead of the standard HTTP you’re used to) that can improve your Google rankings, you must install an SSL certificate. In the past, we only used SSL certificates for e-commerce websites or other websites that might transmit sensitive data like credit card numbers. Because HTTPS is one of about 200 factors on which your Google ranking is based, and because SSL certificates can generate a host of other maintenance issues, we did not rush to recommend that all customers have one installed. But now the time has come.
Security Advantages of an SSL Certificate
As we just pointed out, SSL certificates are essential for websites that collect sensitive data like credit card or health information. But these days, most sites are built using a CMS (Content Management System) such as WordPress. To log in to the back end of your website, you use a password. And that password constitutes sensitive data. Installing an SSL certificate for your WordPress website just makes sense.
- For you the password-enterer, HTTPS prevents third-party tampering, stopping so-called “man-in-the-middle” attacks that can occur when you are entering your password and a bad actor “eavesdrops” on the communication.
- For your users, HTTPS verifies that your website is on the proper server and is otherwise legit.
- And again for your users, HTTPS encrypts all communication, including URLs.
SEO Advantages of an SSL Certificates
We did point out that HTTPS status is one of about 200 factors that can improve your Google rankings. That makes it difficult to isolate the value of an SSL certificate on its own, but we believe the value of an SSL certificate will increase over time.
In any case, it’s worthwhile to be the first of your competitors who has an HTTPS address to set yourself apart. An SSL certificate generally costs about $70 per year, and some hosts offer a free shared SSL certificate (Hostgator). The worst part is getting it set up the first time, when your web developer needs to ensure that all your content is displaying properly, that your website uses the right kind of redirects (302 permanent redirects), and that your canonical URLs are in order. There likely will be some costs associated with that first implementation, but from then on it should just be a matter of renewing the SSL certificate every year.
(Attention hosting companies: why can’t you make the renewal process for SSL certificates easier?)
Data Advantages of an SSL Certificate
If you have an HTTP site (no SSL certificate), and traffic comes to your website from an HTTPS website, the referral data gets stripped away. Or, more concretely, if someone goes from a store website like https://coolclothing.com to your website http://coolaccessories.com, you will only see the word “direct” in your Google Analytics data.
However, if someone comes from https://coolclothing.com to your SSL-protected website, https://coolaccessories.com… Now you’ll be able to see in your Google Analytics reports that your traffic came from the Cool Clothing website. Whenever traffic passes from to an HTTPS site, the referral information is preserved. And with more websites using HTTPS, it’s becoming increasingly important to have an HTTPS website yourself so you’re able to access that important measurement data.
To sum up: if you’re doing any kind of business on the web, it’s worth getting an SSL certificate installed on your website. Need help getting one set up? Contact us!