Google's new HTTPS ranking signal. what does it mean for SEO

A few weeks ago Google officially announced that HTTPS would now become a ranking signal, meaning that websites using secure encryption may get a certain boost in Google rankings.

For now HTTPS is said to be a "lightweight signal", given less importance than numerous other quality factors, but Google admits it may become stronger over time:

The news is shaking up the SEO industry with lots of polar opinions. And to help you decide whether switching to HTTPs may be a good solution for your website, we've created a short guide that explains:

• What HTTPS is;
• Who should use it;
• How it may affect your SEO;
• And what pros and cons there are in switching to HTTPS;

So, let's get a closer look at HTTPS.

What is HTTPS?

HTTPS is a secure method of exchanging information across the Web that uses several extra means to protect the transferred data.

Normally (with a commonly used HTTP protocol), browsers and web servers exchange data in plain text, leaving you vulnerable to eavesdropping — an attacker is able to intercept your data, and then see and use it.

When sent via a "secure" HTTPS version of the protocol, your data gets protected by:

1. Encryption — encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can "listen" to their conversations, track their activities across multiple pages, or steal their information.

2. Data integrity — data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.

3. Authentication — proves that your users communicate with the intended website. It protects against man-in-the-middle attacks.

This way HTTPS ensures you can safely send personal data online (like credit card information, login details and so on) without a risk of its leaking to a third party.

For protecting the transferred data, HTTPS uses SSL technology. So, to enable HTTPS for your website, you need to get an SSL Certificate (usually on a paid basis) and install it on the server.

Does my website need HTTPS?

For any site that is taking transactions, like e-commerce stores and payment gateways, using HTTPS has long become a standard. And if you're not yet offering this protection to you users — you'd better do that asap.

For websites collecting personal information for account login, comments, email subscription and so on, HTTPS is a good practice, and can help you build user trust.

For a purely informational website, without any sensitive data transferred, there's no direct necessity in HTTPS protocol. Though this can to some extent protect your visitors from phishing and other scam practices.

Do I need HTTPS sitewide?

Even though HTTPS is already used by thousands of websites, quite a common tendency for many of them is to protect only separate checkout or login pages, rather than the entire site.

While this approach is definitely better than not having HTTPS at all, here are some cons of not having HTTPS on your entire site:

• Users' session IDs and cookies cannot be protected. With partial HTTPS protection, when a user switches from HTTPS to HTTP, his session ID and cookies must be transmitted in the clear, and thus can be intercepted and used to impersonate your users (like in the Firesheep case).
• Users may end up entering their credit card or login details on another website. Not protecting your landing page with HTTPS or protecting only the "Submit" form on the submission page leaves criminals an opportunity for a man-in-the-middle attack: they can intercept the unsecure pages of your site and lead your customers to fake submission forms instead of the intended ones.

Another case against partial HTTPS implementation (if you're only planning a move to HTTPS), is that setting the switch from HTTPS to HTTP within one website may itself be complicated. And, when set improperly, may often result in a scary error messages popped up to your users.

Note:  If you decide to use HTTPS only on the submission pages, make sure none of them slips your attention. If you're setting HTTPS protection for a login page, make sure you also set it for pass reset pages, and so on.

Will HTTPS boost my rankings?

Ever since the "HTTPS ranking signal" announcement, fears spread that not having an SSL certificate can now push your site down in Google results, making many website owners start moving their sites to HTTPS without proper research and understanding.

Yet you need to remember that for now HTTPS is considered only a "very lightweight signal" that can potentially give you a tiny rank advantage (together with a set of some 200+other SEO signals), rather than push you to Google top.

If transitioning to HTTPS would be relatively easy for you or important for your business (i.e. e-commerce), then by all means make the switch.

However, if it would be quite difficult to convert to HTTPS it may not be worth the burden, and you surely can find more effective SEO techniques to implement.

Pros and cons of switching to HTTPS

Security HTTPS protects your users from man-in-the-middle attacks and other forms of unauthorized eavesdropping and tampering.	Costs SSL certificates cost money and have to be renewed and maintained. Note: The price ranges tend to vary here, so you may find a reasonably priced solution (sometimes a shared SSL if it is provided by your hosting).
Industry standards Online businesses that handle cardholder information can use this website security as a way to comply with the PCI DSS (Payment Card Industry Data Security Standard)	Dedicated IP address Each SSL certificate requires its own private IP address. Note: If your server supports SNI (Server Name Indication) you may go with a shared IP. Yet you have to realize that SNI is not supported by some older browsers (ex. IE on Windows XP)
Conversion With a growing awareness of online fraud, many internet users will simply refuse to buy anything from an online merchant that doesn't encrypt their transactional data.	Site slowdowns: Encrypting and decrypting information requires extra server processing power and thus can slow down your website. Note: Proper HTTPS setup, SPDY support and OCSP Stapling help you reduce the slowdowns. Some webmasters even report their sites loading quicker after the HTTPS transition.
Reputation HTTPS padlock icon in the address bar has become a symbol of trust, and can boost your brand's image as a trustworthy source.	Redirect difficulties If you have little or no experience in server configuration, the process of properly redirecting all your content to HTTPS may be complex. Note: — Proper canonicalization lets you avoid duplicate content issues. — All HTTP URLs have to be permanently redirected to HTTPS with 301 redirect. — Any absolute internal links within your website need to be edited into the HTTPS URLs or into relative URLs (ex.<img src="//domain.com/img/logo.png">)
Google rankings Even being a small signal for now, HTTPS can potentially have an increasing effect on your search engine visibility.	Lost social signals Most social signals you've earned will be lost over the moving.
	Some external apps do not support HTTPS For instance, some WordPress plugins may not properly work on the HTTPS version of your site. Note: Run a deep research to make sure all external plugins you use support HTTPS, or find a replacement.
	No external HTTP content allowed Trying to leave external content from non-HTTPS resources will result in error messages shown. Note: Make sure your HTTPS pages feature only content from HTTPS sites and your CDN (Content Delivery Network) supports it too.
	AdSence revenue may drop As Google states on their AdSense page, "HTTPS-enabled sites require that all content on the page, including the ads, be SSL-compliant. As such, AdSense will remove all non-SSL compliant ads from competing in the auction on these pages… Ads on your HTTPS pages might earn less than those on your HTTP pages."

We hope this outline will help you take informed and grounded decision on if, when and how to switch your website to HTTPS protocol. Please join the comments below to share any thoughts you have on the issue!

And if you found this guide useful, send your thanks to SEO team, and share it with your contacts via the social buttons on the below! 

========================================================================+++++++++++======================================================================

SEO Clients Should Not Worry About 5 Things

SEO Clients Should Not Worry About 5 Things

When you hire an SEO to optimize your website, there is understandably an element of concern for the success of the optimization campaign. SEO isn’t IT, it is active marketing of the website. As such, you need to be intimately involved in the campaign from start to finish. You can never just let the SEO loose and then hope for the best.

At the same time, you can’t expect your SEO to do their job if you are constantly contacting them with yet another “concern”.

Yes, you want your optimization campaign to be a success, but some details are better left to the professionals! As much as some business owners are determined to stress about the success of their optimization campaign, there are several things SEO clients should never worry about.

Push these concerns off your worry plate:

DON’T WORRY ABOUT GETTING #1 RANKINGS

The SEO’s job is to help your business’ online presence grow. Part of that is getting you top search engine rankings, but that’s just one piece of the puzzle.

There are many areas of a successful online marketing campaign that have little to do with which keyword is ranked where.

 That’s not to say the SEO can neglect rankings altogether, but that is just one tool in the total arsenal that brings success. Rankings alone don’t cut it.

If you’re wondering when you’ll be #1, forget about it! It’s never going to happen. OK, never is a strong word, it certainly can happen and it’s great when it does, but it should not be expected.

Sometimes a powerful #3 ranking can mean more conversions than a #1 spot. Other times, there are sites that simply are just too powerful for you to beat without significantly increasing your time, energy, and finances. That money is probably better spent bringing other keywords to the first page. Having 100 keywords in the top ten is likely far more valuable than a single #1 ranking!

DON’T WORRY ABOUT EVERYTHING MATT CUTTS SAYS

Do you watch Matt Cutts’ videos where he answers questions about Google’s algorithm? We do. And we also know that not everything Matt says is 100% pure truth. Sometimes it is propaganda, sometimes certain pieces of information are left out, and sometimes he chooses his words carefully in order to give the wrong impression.

You can’t blame him, he works for Google. His job is to protect Google’s algorithm, and if he can do that by steering people away from strategies that shouldn’t—but do—work, he’ll do that. If he says that X is the best strategy, he may be right in a perfect world, but we all know that X doesn’t produce the same effects as Y.

Matt Cutts definitely does provide a valuable resource, but take what he says with a grain of salt and don’t bug your SEO about everything he says. Trust your SEO to sort it out.

DON’T WORRY ABOUT INTERACTING ON EVERY SOCIAL PLATFORM

There are thousands of social networks. A few are far more valuable than most and some come while others go. Do you have to interact on every platform for your social efforts to succeed? Not even close. In fact, there may be only one or two platforms that hold any value for you.

Work with your SEO to determine which social platforms are best for your business, but don’t expect them to jump on every new bandwagon, especially one that is unproven and doesn’t immediately show a clear value. Let other people spend their time building these networks, develop a strategy, and only as you have time and budget get involved.

DON’T WORRY ABOUT PANDA/PENGUIN UPDATES

You should never have to be concerned about the next Panda or Penguin (or whatever they want to call the next major algorithm change) update. Your SEOs should be far enough ahead of Google to be Panda and Penguin proof before those updates were ever spoken of.

Remember what I said about Matt Cutts? Well, if SEOs are paying attention they’ll know what Google is working toward, even if it isn’t fully true at the time Cutts says it is. That means your SEO’s strategies should be the kind that are developed for algorithm changes that haven’t happened yet. They need to be looking years down the road to determine how to ensure your site weathers any storm that Google can throw at us.

If you have been negatively impacted by these updates, it might be time to find a new SEO, one that can stay ahead and not charge you to fix what they broke.

DON’T WORRY ABOUT EMAILS FROM OTHER “SEOS” CLAIMING YOUR SITE ISN’T OPTIMIZED

Guess what? Your site will never be perfectly optimized. There are always keywords to optimize, architecture to fix, links to get, blog posts to write and to socialize. Someone will always be able to find fault with the optimization of your site.

But almost all of those “SEOs” who send emails telling you they could not find your site on Google because it’s not optimized have never even looked at your site. If they had, then I would not be getting them too! Why would an SEO company tell another SEO company they can SEO their site for them? They wouldn’t.

If you find yourself worrying that your SEO isn’t doing what he or she needs to do, you might be right…because they are spending too much time trying to keep you from interfering with questions and concerns.

If you did your due diligence before hiring your SEO, then at the very least trust yourself. Your SEO has it covered. And you have five less things to worry about!

Those emails are nothing more than spam being sent to anyone and everyone they can find. Which begs the question, if they can’t find you because your optimization is so bad, how did they find you to send that email?