Page Experience Matters: HTTPS for Users and Ranking

Did you know that more than 95% of U.S. webpages loaded in Google Chrome are now encrypted? That’s good for websites and users. But not so good for the 5% that have not migrated from HTTP to HTTPS.

This article is No. 5 in our series on page experience. It highlights why HTTPS is important for everyone, but especially so you can better prepare for Google’s upcoming page experience ranking signal set to go live in 2021.

In this post (and be sure to see the other articles in this series at the end of this one):

What Is HTTPS?

HTTPS, or hypertext transfer protocol secure, secures the data that’s exchanged between a web browser (such as Chrome) and a web server (which stores, processes and delivers your webpages to a user).

What is HTTPS vs. HTTP illustration.
Image credit: “What is https?” by TutorialsTeacher.com

As the illustration shows, the difference between HTTP and HTTPS is that the data is not encrypted on HTTP. HTTPS helps protect against attacks that can happen while data is in transit.

Examples of attacks could be:

  • A breach of sensitive data like passwords, credit card numbers and health information
  • Malware installation onto the user’s computer
  • Fake content served up to the user instead of the content they wanted
  • Studying the overall browsing activities of users to ultimately discover a user’s identity

HTTPS came about in the ‘90s and originally applied to processing credit card information. But as companies like Google began to push for secure web browsing, HTTPS has become a gold standard for websites.

Google’s goal is to achieve 100% encryption across its products and services.

Why Is HTTPS Important?

HTTPS is important because it helps to protect your website and your website visitors from potential bad actors. HTTPS creates a good user experience, helps instill trust in your website, and protects your revenue.

HTTPS is also necessary when pursuing new web platform features, including progressive web apps (for more on what that is, see this article on Medium).

Google announced back in 2014 that sites with HTTPS would receive a ranking boost albeit a small one. In other words, if your site was not secure but a competitor’s was, their website may rank better, all else being equal.

Will HTTPS be a stronger signal in the future? Maybe.

In its 2014 announcement, Google said that “over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.”

But in 2017, Google rep Gary Illyes said they didn’t have plans to make it a stronger signal:

Another announcement coming from Google in 2015 said it would index HTTPS pages by default:

… we’re adjusting our indexing system to look for more HTTPS pages. Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page.

A secure website can also protect website visitors and revenue. When people reach a webpage that is not secure, they may receive a message that labels it as such. This may cause a person to bounce from the site or abandon their cart.

Treatment of http pages, per Google.
Image credit: “A secure web is here to stay,” Google Security Blog

Plus, once you enable HTTPS, you can implement HTTP/2 on your site. This is the first major upgrade to HTTP since its inception, and it can improve page load time. Remember that site speed is a signal in Google’s ranking algorithm .

So it’s a good idea to implement HTTPS for security — and to do it ahead of Google’s page experience ranking update in 2021.

An additional note: I believe HTTPS is a strong trust signal, especially for ecommerce sites. But if everyone is finally HTTPS, then everyone is tied. That means NOT being HTTPS becomes a disqualifier.

How Do You Move to HTTPS?

If you’re ready to move your site to HTTPS, Google offers some good resources to start:

Just like any site migration, it’s common to see fluctuations in rankings and traffic for a period of time. Depending on the size of the site, this can take weeks or more. Traffic should resolve itself after things settle (and you may even see a ranking and traffic boost afterwards).

To avoid pitfalls that could impact your site during the migration, make sure that you:

  • Start small by moving a part of the site and testing as you go.
  • Do the migration when website traffic levels are lowest.
  • Monitor your rankings before and after — there will be some flux but it should work itself out.
  • Don’t block HTTPS with robots.txt.
  • Don’t forget to 301 redirect all the old URLs to the new ones.
  • Make sure your internal links and tags (canonicals, etc.) aren’t referencing the old HTTP URLs.
  • Avoid the noindex meta tag on important pages.
  • Look for excessive redirects that may cause slow page load times.
  • Ensure the content on HTTPS webpages is the same as on HTTP pages.
  • Crawl the site after and make sure you get the 200 status code on all pages.

Google offers its best practices for an HTTP > HTTPS move here.

For more details on the coming update, keep reading our Page Experience series:

  1. What’s the Page Experience Update?
  2. How to Make a Mobile-Friendly Site
  3. Intrusive Interstitials & Why They’re Bad for SEO
  4. Safe Browsing to Protect Your Website, Visitors & Ranking
  5. HTTPS for Users and Ranking
  6. Core Web Vitals Overview
  7. Core Web Vitals: LCP (Largest Contentful Paint)
  8. Core Web Vitals: FID (First Input Delay)
  9. Core Web Vitals: CLS (Cumulative Layout Shift)

If you found this article helpful, please share it and consider subscribing to our blog.

Bruce Clay is founder and president of Bruce Clay, Inc., a global digital marketing firm providing search engine optimization, pay-per-click, social media marketing, SEO-friendly web architecture, and SEO tools and education. Connect with him on LinkedIn and other social networks from Bruce's author page.
Comments (8)
Filed under: SEO — Tags: ,

8 Replies to “Page Experience Matters: HTTPS for Users and Ranking”

Trying to explain that a clients website isn’t showing up to potential clients is very difficult to articulate when the owner see’s his website perfectly on his end. I wish Google would make it clear to site owners that their sites aren’t protected better.

Thanks for the entry, Google recommends that all websites use the “https: //” protocol whenever possible.

Jennifer Rodriguez

Hi Bruce,
I appreciate your timing. I was trying to explain this to someone the other day…you do a much better job.

BTW, recently I have seen some non secure sites that won’t load at all. An error message indicates the site is not secure and you are not allowed to proceed.

… we’re adjusting our indexing system to look for more HTTPS pages. Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page.

*Cool!

Google gives more search engine indexing priority to websites having HTTPS in their domian.

Hello Bruce !
I agree with your point that HTTPS is a very effective tool in protecting the visitors on your site . Your content has helped me acquire the concept of HTTPS more brief and elaborate . Hope that HTTPS be a stronger signal in future . Also thanks for adding photos for better understanding .

I think HTTPS is a mandatory requirement for any website today. However, the cost to implement this is keeping people away. Where can a website owner go to get low cost SSL if they don’t have it.

Another point to concider is security to avoid hackers etc.

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Serving North America based in the Los Angeles Metropolitan Area
Bruce Clay, Inc. | 2245 First St., Suite 101 | Simi Valley, CA 93065
Voice: 1-805-517-1900 | Toll Free: 1-866-517-1900 | Fax: 1-805-517-1919