It’s official. Google has announced that HTTP sites with pages that contain forms or data fields of any kind will now display the ‘not secure’ warning. This starts this month, October 2017. Fortunately, if you’re yet to move your site to HTTPS, not only won’t you be alone (for the time being), but there are also some great opportunities to take advantage of. And not only the consumer confidence benefits linked to conducting transactions on secure websites.

It’s interesting to note that at the end of September 2017, no less than 50% of the page-one search results were HTTPS sites. In mid-2016 this figure was 30%, and as the migration is occurring so swiftly, predictions that the number of page-one search results would reach 70% by the end of 2017 aren’t at all unrealistic. While Google started the push for HTTPS sites back in 2014 when they announced a ranking signal boost, the move to HTTPS has been meteoric in recent months.

Moreover, what’s even more interesting, is that just five months ago, nearly half of the ‘big players’ hadn’t yet moved to HTTPS, However, by the beginning of October, nearly all have upgraded to the secure, encrypted version. The fact that HTTP sites will be marked as ‘not secure’ definitely has plenty to do with this, but that isn’t to say it’s the only benefit involved.

Have you been caught unawares?

There’s really no reason why any website owner should have been caught unawares by all of this as Google has made it clear that it has planned to prioritise HTTPS over HTTP for some time now. In late April, Google released a statement which said, “[in] October 2017, Chrome will show the ‘Not secure’ warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.” This was followed by an email notification (to website owners who have web pages with forms on web pages over HTTP) via Google Search Console. These email notifications looked like the one below:

This follows on from Google’s move back in January 2017 to mark all non-HTTPS websites that collect credit card and personal information, like passwords, as non-secure. Users rightly expect to have a safe, secure and private online experience when using a website and by penalising non-encrypted websites as a means of encouraging them to move to HTTPS, Google is helping to ensure they get it. Should we be surprised? Not really, in fact, we should have seen it coming.

Haven’t moved to HTTPS? The time is nigh…

HTTPS (HyperText Transfer Protocol Secure) is intended to provide confidentiality, security and data integrity, which it delivers, but there are many more significant benefits to moving to HTTPS than the security benefits alone. Take the all-important factor of page load times for example.

Website owners have long expressed concern about the perceived negative impact that HTTPS with its level of encryption will have on page loading times and server resources. While many believe encryption impedes performance — HTTPS adds a blanket of security over the conversation between the user’s device and the website using an SSL/TSL protocol — this hasn’t occurred due to software improvements. Moreover, this has been common knowledge for some time now as Google saw only a slight increase in CPU load on its servers, as was the case with its network overheads, when it turned on HTTPS for Gmail all the way back in 2010.

What’s more, instead of slowing page load times, HTTPS has made browsing faster for users because modern browsers support HTTP/2, which is a revised version of HTTP that offers a number of performance improvements. One of the ways in which HTTP/2 improves page load times is through “multiplexing”, which enables multiple files to be sent over a single connection. Another way it achieves greater speeds is through compression. Whereas HTTP/1.1 transmits requests and responses in plain text, HTTP/2 compresses information into binary code before transmitting it, resulting in more compact requests and responses. As this significantly reduces the amount of data being received and sent, it also offers obvious benefits for mobile users.

In addition to the perceived impact of page load speeds, another factor that has traditionally hindered the move to HTTPS on the part of website owners is the cost. Procuring the digital certificates required to move to HTTPS have long been a concern for many site owners due to the exorbitant prices involved. However, not only have the costs plummeted, but many web hosts offer HTTPS for free as part of their web hosting packages, and there are also many not-for-profit organisations which provide domain validation (DV) certificates free of charge.

Now that there’s nothing to fear about page load times, and just as importantly, the cost of maintaining a safe and secure website through encryption via an SSL/TSL protocol (Secure Sockets Layer and Transport Layer Security), there shouldn’t be anything standing in the way of you moving to HTTPS. Especially now that we know of the many excellent benefits to having a HTTPS site, as well as the unique opportunity it presents in terms of improved SEO rankings.

Benefits and opportunities galore

The benefits to moving to HTTPS are as profuse as well as obvious, like the added security and trust that HTTPS delivers, but what isn’t as well known are the many opportunities the situation presents. Not only is this a great time to move to HTTPS and a more secure website, as it’s also the perfect opportunity to improve your SEO rankings. And this is where things get interesting.

By moving your site to HTTPS, you’re presented with a unique opportunity to have Googlebot recrawl most, if not all, of the URLs on your site. When Googlebot detects that a site has been moved to HTTPS, it results in a temporary increase in the crawl rate because it’s attempting to crawl as many URLs as quickly as it possibly can. Provided that you go about things the right way, this enables you to improve your site’s overall ranking signals in the Google Index.

Who wouldn’t love to have the luxury of requesting that Googlebot recrawl their website? Well, now you’re presented with the opportunity to do so, because by moving to HTTPS it’s going to happen automatically. However, while that probably sounds like music to your ears, don’t rush into moving just yet, as there are some important steps that you need to follow first, starting with an SEO audit. The reason for this is to make SEO improvements before Googlebot recrawls your site, as you want your URLs to have the best ranking signals possible before this occurs.

The first step to take is to conduct an SEO audit of your website, which you should do as soon as possible because it can take some time to complete this all-important task, not to mention carry out the recommended changes. That’s step number two, so it would be a great idea to prepare for this in advance so that you can implement the recommendation of the audit quickly. Once the recommendations have been implemented, then it’s safe to move your site to HTTPS.

Although your website may still display the ‘not secure’ warning after you have completed your SEO audit and implemented the recommended changes, you can rest assured that it won’t be permanent, nor will you be the only one. Most of your competitors, along with many major websites who you would expect to have moved by now, will also be displaying the same warning for the time being. However, provided that you have improved your SEO signals by conducting an audit and implementing the recommendations, it won’t be long before you join the other safe, secure and encrypted websites on the first page of Google’s search results.

Need help with SEO and Google rankings? We’re here to help. Whenever you have time to chat, give our Brisbane SEO team a call on (07) 3216 1151 or contact us via our online contact form to arrange a convenient time.