Moving From HTTP to HTTPS For SEOs

HTTP to HTTPS has now become a necessity for your own or your client’s websites, as Google Chrome has started delivering warnings within the browser when visiting unsecured websites. Whilst most of the work will be done by developers/webmasters in regards to the move, it is highly important SEOs know the details and check everything from CMS settings to the config file redirects. As a non-technical SEO, you’ll be glad to know; this guide is more of a checklist, rather than a technical how-to.

So, without further ado…

How To Move From HTTP to HTTPS (SEOs Checklist)

#1 Start With A Test Server

A ‘rehearsal’ on a test server is very wise, especially for larger sites. Everything can be tested before you push live. Make sure your dev gives you a test server environment to check everything first.

#2 Check Server Documentation for Specific HTTPS Requirements

Although most HTTPS switching processes are standard across most servers it is a great idea to read the specific documentation as there may be some slight differences/quirks in your server setup you’ll have to address.

#3 Get A Security Certificate & Install it On Your Server

Getting a security certificate is down to personal preference but there is a free version ‘Let’s Encrypt’ that can be installed on your server, and paid versions such as ‘Digicert’. The differences between free certificates and paid are explained well here.

#4 Update Settings on CMS

There will be an option somewhere on the CMS to update the site settings, including the URL. WordPress makes it really easy to change to HTTPS. Other CMS and platforms have similar settings

#5 Update All References of HTTP to HTTPS Within Content + Code

This can be a laborious manual task, especially for larger sites, but this can typically be done with a search and replace on the database or through plugins like Better Search Replace. All internal links and images should be switched over.

#6 Update All References Of HTTP to HTTPS within Plugins, Scripts and Templates

 

Depending on your specific situation, your website may have plugins, scripts or templates that are run on a regular basis. Ensure that these are all updated to HTTPS otherwise the next time they run, it could break something. This includes forms, tools and apps that may run on your website.

#7 Update Canonical Tags

Your CMS platform should already have this covered, but double check that your canonical tags are working as they should be after the switch.

#8 Ensure a 301 Redirect For All URLs In Config File

Making the switch to HTTPS in .htaccess or your server config file is pretty standard, but we SEOs care about how they have been redirected. We of course need them to be 301’d. Show your dev this .htaccess redirect generator so that they can 301 all URLs.

#9 Update Your Analytics Settings

Whether you’re using Google Analytics or another platform, you should have a setting to change the URL. This will ensure all tracking is running smoothly after the switch. Don’t forget to change the URLs of goals too.

#10 Update Webmaster Tools

You’ll have to create a new profile in Webmaster tools with your new HTTPS URL. This will ensure accurate stats and tracking and business as usual within WMT.

#11 Update Advertising Profiles

Ensure that all advertising profiles have the correct URLs for ads and goals. Whilst they will all still redirect fine, it will ensure there are no issues/bugs. Plus, you get the added ‘secure’ factor for your ad URLs.

#12 Update Social + Directory Profiles (Instagram, Facebook, Twitter…)

You’ll need to go through all of your social and web directory profiles and ensure all HTTP references are now HTTPS. Whilst it’s not important to update old posts, ensuring your static ‘web address’ setting within your profile is updated is good practice.

#13 Update Other External Tools

If you’re anything like us, you’ll have a whole array other software such as split testing tools, heat mapping, live chat and more. Ensure all of these tools have the correct settings for your URLs otherwise you may run into bugs.

#14 Run A Site Crawl With Screaming Frog

Finally, use a tool like Screaming Frog to run a crawl on your website to ensure there are no errors, broken links or images.

Should I Update All Of My Old Links to HTTPS?

So you’ve been link building for a few years, and all of your old links are still HTTP. Should you go and contact all of the webmasters and have it updated to HTTPS?

Our short answer. No. As long as your URLs all 301 redirect to your new HTTPS URLs as discussed in point 8, this should pass the value. We deem it too risky, and a potential waste of time to go through old links and update. If all of your old links change within the same time period this could trip a filter.

Why Move To HTTPS Anyway?

It’s happening! All HTTP pages will be marked “not secure” as of Chrome 68 ? https://t.co/eD2RsuYudM

— Google Webmasters (@googlewmc) July 24, 2018

#1 Google Said So

Google have given us several reasons to move to HTTPS, but the main reasons are Encryption, Data Integrity and Authentication. This just means an overall more secure site for users, which is especially important when handing over sensitive data. Bear in mind, your site may still be vulnerable to attacks and hacks, the HTTPS doesn’t solve and secure everything.

#2 Security Warnings in Chrome

Google are now issuing security warnings in Chrome. This could cause issues of trust with visitors.

#3 Ranking Improvements

As discussed above, Google are actually admitting to ranking improvements when switching to HTTPS.

#4 It Looks Better + Helps Trust/Conversions

Let’s face it. HTTPS in the URL just looks better. We’ve already covered the trust this helps build, and this in turn can help with conversions.

 

 

So there you have it. That was our guide on switching to HTTPS for SEOs, we hope you found it useful, and if you have anything to add, or any questions at all, simply contact us.