Why is Google stressing so much to put HTTPS into ubiquitous effect?
Because it has a long-term plan to make the web a secure medium for information exchange.
Since January last year, Google is working to improve user-experience by labeling encrypted HTTPS sites as ‘secure’. When inquired about the developments, the Chrome team responded:
“A web with ubiquitous HTTPS is not the distant future. It’s happening now, with secure browsing becoming standard for users of Chrome.”
Chrome has already marked HTTP sites collecting credit card and other sensitive information as ‘non-secure’. And now, according to a blog released in February, the biggest move towards HTTPS encryption will roll out with Chrome 68 in July.
“Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”,highlights the blog post.
Last week, in another blog post, Google announced to phase out the Green padlock as an assertion of a secured site. It explains that a secured site on the internet should be a norm and it should need no label.
Here is what the blog said:
“Since we’ll soon start marking all HTTP pages as “not secure”, we’ll step towards removing Chrome’s positive security indicators so that the default unmarked state is secure. Chrome will roll this out over time, starting by removing the “Secure” wording and HTTPS scheme in September 2018 (Chrome 69).”
These rapid developments from Google are a big reason to consider moving to HTTPS if you haven’t already. Moreover, Google Engineer, Adrienne Porter Felt has also shared her views on why you should move from HTTP to HTTPS.
If you have yet to migrate to HTTPS, we have a step-by-step guide to help you with the process.
Anyway, in this post, we are going to list a few important things that would be important for you before and after moving to HTTPS. So make sure to be fully prepared.
1. Update, update, update
You need to update everything!
Here is a list of what you must update during the course of migration to HTTPS.
Inbound links are a blessing, and you would not want to prevent them from bringing traffic and search engine power to your new website.
Just like your inbound links, all canonical URLs should also be updated to the new website version. Make sure you have those URLs hard-coded.
Social site URLs
Update the changes URLs on your social sites to send the audience to the right address. You could have invested in social media promotions. Make sure you don’t lose money with people landing to a 404-error page. Also, remember to update social sharing extensions.
You would also like to update your Google Analytics account with HTTPS. It is optional, but to stay up-to-date, it could be worth the effort.
2. 301 redirects
Once again, check if you have properly set up 301 redirects.
Make sure all HTTP page visitors are being redirected to new HTTPS pages. If not, reapply redirects and repeat.
For better redirection speed on mobile, eliminate redirection chains. You can do that with the help of HTTP Strict Transport Security (HSTS).
3. Set up a new Google Console Property
Google treats every HTTPS migration as a new website. Therefore, you should set up a new Console Profile with the updated website version.
Having two console property accounts (of the old and the new website) would enable you to compare performances of both simultaneously.
You would see SERPS falling on HTTP and increasing on HTTPS. If the numbers (of raise and drop) don’t even out, you can devise strategies to make up for the loss.
4. Resubmit the disavow file
While you are setting up your new Google Search Console account, you should submit a new disavow file there.
You can download the disavow file from the old Google Console account.
Moving forward, only update the file for the HTTPS version of the site.
5. Add a new sitemap
Create a new sitemap with the updated URLs and submit it to Google Console Profile.
6. Push site crawls
Before rendering site crawls, check that the content on both versions of the site is the same.
If it’s not, make necessary changes so that the SEO is not disturbed.
After verification, run the crawl. Start with the HTTP version first.
The results of the crawl will help you figure out what is not being redirected. For example, errors of 4XX, 5XX or 302 redirects.
Fix them and enable Google to crawl through the new HTTPS site.
7. Eliminate unsafe scripts
If there are any unsafe or failing scripts discovered during the crawl, stop to fix. You can use Google Tag Manager to take care of issues with scripts.
Note that Google marks failing scripts as an error message shown in the right corner of the address bar.
8. Undo blockages
Check your Robot.txt file to make sure you are not blocking Google from crawling into certain sections of the HTTPS site.
If you are, Google won’t be able to direct users to certain pages that you meant to index.
9. Change ads
If you have run an ad with Google on the older version of the site and its duration has not expired, update it to HTTPS.
Follow these instructions by Google to update your ad URLs.
10. Monitor changes
After enabling all these actions, give a week to your HTTPS website to perform.
During the time, keep a very close check on happenings like user redirects, changes in SERPS, and social sites’ behavior.
Don’t expect the same results as your old website immediately, but if the performance indicators are positive, it’s time to relax.
Website security, data privacy, and SSL certificates are becoming more and more important themes every day. It is important to evolve at the right time than being left behind in an already competitive search-engine world.
Migrate your site from HTTP to HTTPS today. Use our free guide on migration.