SEO reduction when going https

16 replies
  • SEO
  • |
Recently we converted our website from http to https as we figured we would get a bit of a bounce in search engine ranking. The main thing to remember if anyone is going this route is that Google needs to re-render all of your pages from it's original to the https version. We run a web design company called BigNet Design and we went through this process over the holidays. We finished the process about a month ago and we are still seeing massive drops in our SERPS but thankfully over the last few days we are starting to see them come back.

Was wondering if anyone had any comments or has anyone gone through this process before? Any insight as to how long it might take to come back would be great.
#https #reduction #seo
  • Profile picture of the author MikeFriedman
    Hate to tell you this, but if you did this for some perceived SEO benefit, you wasted your time. Every test that has been done and shared publicly has shown no increase in rankings or ranking losses by converting to HTTPS.

    I hope you made sure to 301 redirect all of your HTTP URLs to their corresponding new HTTPS URL.
    Signature
    {{ DiscussionBoard.errors[10984685].message }}
  • Profile picture of the author SEOtraveler
    Indeed, there`s no proven correlation between moving to https and rankings going up. There have been a lot of arguments about that, still no proof, so even if it`s a ranking signal - it`s an extremely controversial one.

    Sometimes it may indeed lead to drops in rankings, but commonly this would be caused by some issues you might have missed or provoked while switching. Check the proper redirection in the first place, also consider revising the sitemap, make sure it only includes valid https URLs, you may also check your website for broken links, as switching to https may sometimes increase the number in case you were using absolute links anywhere on your website.
    {{ DiscussionBoard.errors[10984740].message }}
  • Profile picture of the author BigNet Design
    Yes it seems that way but the official word from Google is it has a small ranking boost. To be honest I think that might be a bit of a yarn but who knows that boost might materialise at some stage in the future.
    {{ DiscussionBoard.errors[10984961].message }}
    • Profile picture of the author MikeFriedman
      Originally Posted by BigNet Design View Post

      Yes it seems that way but the official word from Google is it has a small ranking boost. To be honest I think that might be a bit of a yarn but who knows that boost might materialise at some stage in the future.

      All they said is that HTTPS is one of over 200 ranking signals they use, and like I said no test has shown a boost from switching to HTTPS.

      I don't think it would ever make sense for them to make it a significant ranking signal. There are tons of major websites that don't use it, and really have zero reason to, like CNN and ESPN.
      Signature
      {{ DiscussionBoard.errors[10985052].message }}
      • Profile picture of the author richardZ
        Originally Posted by MikeFriedman View Post

        All they said is that HTTPS is one of over 200 ranking signals they use, and like I said no test has shown a boost from switching to HTTPS.

        I don't think it would ever make sense for them to make it a significant ranking signal. There are tons of major websites that don't use it, and really have zero reason to, like CNN and ESPN.
        Yes, still major sites are there which are not using ssl certificate but very soon firefox new version 51 will give error for web pages which are getting confidential information like login information on http.
        {{ DiscussionBoard.errors[10991918].message }}
        • Profile picture of the author MikeFriedman
          Originally Posted by richardZ View Post

          Yes, still major sites are there which are not using ssl certificate but very soon firefox new version 51 will give error for web pages which are getting confidential information like login information on http.

          So?

          Most sites people here are running do not ever require someone to log in.
          Signature
          {{ DiscussionBoard.errors[10992129].message }}
          • Profile picture of the author richardZ
            Originally Posted by MikeFriedman View Post

            So?

            Most sites people here are running do not ever require someone to log in.
            Yes, there are many sites where no need to login even if you can access the site or their content to read but previously I was talking about the sites where people give their confidential information for online transaction and at that time they will find indicator as 'non secure page' then they will believe that website is not safe for their confidential information which decrease website's reputation in customer's eyes.
            {{ DiscussionBoard.errors[11005774].message }}
  • Profile picture of the author paulgl
    You did zero to little research before switching, I presume.

    And if you run a web design company, well, shame on you.

    First of all, you keep the http version for a whole host of reasons. I can only assume that you obliterated it.

    That alone could kill you.

    https does things to your website, like increasing load time.

    Since the ins and outs of a complete, reliable, correct switching to https are too numerous to talk about here effectively, hire someone that can do it. There various levels, believe it or not, of ssl. Again, if you did not know that and purchased a standard certificate.....and it was not appropriate, well....

    It looks easy as just switching....and maybe that lures many people to do it. Only to come here and ask what the frick happened...

    There is no benefit to https unless you handle data that needs to be protected.

    Kinda like a new rolls owner complaining about the lousy gas mileage.

    Paul
    Signature

    If you were disappointed in your results today, lower your standards tomorrow.

    {{ DiscussionBoard.errors[10985112].message }}
  • Profile picture of the author yukon
    Banned
    People worry about stuff that doesn't even matter.

    What are you doing collecting social security numbers? Is it top secret data? Is it the launch codes?

    Good grief. Odds are OP is using Paypal or Stripe to process payments which has nothing to do with his site.
    Signature
    Hi
    {{ DiscussionBoard.errors[10992232].message }}
    • Profile picture of the author dburk
      Originally Posted by BigNet Design View Post

      Yes it seems that way but the official word from Google is it has a small ranking boost. To be honest I think that might be a bit of a yarn but who knows that boost might materialise at some stage in the future.
      Hi BigNet Design,

      Using secure protocol is a bit like using double edged sword. It actually slows down the page load speed due to the encryption, which can have a negative impact on rankings if the slightly slower page load speed effects user behavior, that leads to lower page rankings.

      Though the slightly slower page load speed isn't likely to effect your rankings, it could be the proverbial straw that breaks the camels back in some situations.

      Your issue was likely due to redirect issues that may not have been implemented properly and have sense been corrected, or neglecting the canonical settings in your Search Console panel.

      Originally Posted by MikeFriedman View Post

      So?

      Most sites people here are running do not ever require someone to log in.
      Originally Posted by yukon View Post

      People worry about stuff that doesn't even matter.

      What are you doing collecting social security numbers? Is it top secret data? Is it the launch codes?

      Good grief. Odds are OP is using Paypal or Stripe to process payments which has nothing to do with his site.
      Hi Mike and Yukon,

      I agree that using secure protocol is not a significant ranking factor at the moment, however there is a sea-change a coming.

      Google has announce their intention of forcing all websites to switch to secure protocol or suffer major consequences. They have a long term plan that is being phased in gradually and the first blow is set to strike with the next release of Google Chrome this month.

      It is no longer a future concern, it is an immediate concern for some websites, and the rest will follow in the near future.

      https://security.googleblog.com/2016...ecure-web.html

      This first step will label webpages as unsafe in Chrome browser if they have a password or credit card form field on an insecure page. This is just the first step in a long term plan to label all websites that use insecure pages as unsafe. So it isn't simply about rankings any longer, Chrome users will be blocked on the first attempt to load your pages.

      Google has recently updated their websites to reflect their opinion that any page that has a form that asks for an email is requesting "sensitive" data and should be using secure protocol. It is probably a matter of months before those too will begin to be labeled unsafe and be blocked by users of Chrome. This next step will likely effect 95%, or more, of the member websites on this forum.

      I recently recieved this warning from Google:

      To: owner of [Redacted]

      Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as Not Secure unless the pages are served over HTTPS.

      The following URLs include input fields for passwords or credit card details that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, and so you can take action to help protect users data. The list is not exhaustive.

      http://www.[Redacted].com/product/[Redacted]/

      The new warning is the first stage of a long-term plan to mark all pages served over the non-encrypted HTTP protocol as Not Secure.
      That page is a product page, not a checkout page, it has no form field for credit cards, it does have a sign-in form with a password field for previous customers to login to view previously saved products. So this is a warning shot across the bow, so to speak.

      I don't know the exact schedule, but it is clear now that we must at some point switch to secure protocol or suffer not simply from lower search rankings but also from a significant loss of credibility and traffic from all Chrome browser users. I'm sure other browsers will likely follow suit with similar restrictions on insecure websites.
      {{ DiscussionBoard.errors[10992413].message }}
      • Profile picture of the author savidge4
        Originally Posted by dburk View Post

        Google has announce their intention of forcing all websites to switch to secure protocol or suffer major consequences.
        This is a tough one.. In the past, as in ALWAYS in the past Google will position itself with either a product or say some type of change such as this. The #1 indicator they are looking for is Majority Adoption of the change or service. I would say that G+ is probably the only product that has not reached a critical mass, that they have kept around.

        But looking specifically at SSL and Googles stance.. Its not that Im not sure.. I know for a fact that Critical mass will not occur. What I'm not sure about is the more technical aspect of the topic.. and that is can the infrastructure that is the internet actually handle say 60% SSL - I personally don't think so. Think small town USA and the slow down every day from 3pm til 10pm from kiddies hitting the net after school.. turn everything into a SSL connection, and the bog might become just short of unbearable.

        I get what they are after, a "Safer net" but just imagine the future of all things net.. and your refrigerator is ordering groceries.. it would have to be done with SSL. Driverless cars.. those already are SSL. and on and on and on.

        Simply put.. the pipe that is the internet is simply not big enough, and they cant make it bigger fast enough. I think pretty short term, the Google flexing will be tamed. BUT I could see them boosting the SEO benefit to get quicker / greater adoption.
        Signature
        Success is an ACT not an idea
        {{ DiscussionBoard.errors[10992787].message }}
      • Profile picture of the author yukon
        Banned
        Originally Posted by dburk View Post

        Hi Mike and Yukon,

        I agree that using secure protocol is not a significant ranking factor at the moment, however there is a sea-change a coming.

        Google has announce their intention of forcing all websites to switch to secure protocol or suffer major consequences. They have a long term plan that is being phased in gradually and the first blow is set to strike with the next release of Google Chrome this month.



        Google can't even protect itself while using https on it's own products so they're pretty much a hypocrite when it comes to security.



        More than a million Google accounts have been hit by malicious software, a security firm said on Wednesday.

        Check Point said in a blog post that the attack campaign, known as Gooligan, is expanding to an additional 13,000 devices a day. It's malware that infects devices and steals their authentication tokens to breach data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive and other programs.

        The malware attack is said to be the biggest single theft of Google accounts on record, according to Forbes. But the reason for the attack may not be what you'd expect. It's not to grab personal information from the accounts of Google users. Instead, it's to force them to download apps that are part of an advertising fraud scheme that makes up to $320,000 a month, Michael Shaulov, head of mobile and cloud security at Check Point, told Forbes.
        Signature
        Hi
        {{ DiscussionBoard.errors[10993055].message }}
  • Profile picture of the author webdevpro
    It can be a coincident that your ranking drops as your switched to the https version. This could be due to the holiday season or something similar. IMO https has nothing to do with rankings but to make your data encrypted while transferring. As you said it is now recovering, so your have to wait and watch first.
    {{ DiscussionBoard.errors[10992279].message }}
  • Profile picture of the author MikeFriedman
    If they start throwing out warnings on pages that have zero reason to have an SSL certificate (pages that do not collect any information), I predict all that is going to do is piss people off with all the warning messages and drive people away from using Chrome.

    Firefox will be thrilled.
    Signature
    {{ DiscussionBoard.errors[10992443].message }}
  • Profile picture of the author albertCage1
    Hello,
    Firstly i would like to suggest you follow this rules from google.

    Google has been telling webmasters it is safe to do so for years. But you need to take the proper steps to ensure your traffic doesn’t suffer. That means make sure to communicate to Google that you moved your site from HTTP to HTTPS.

    1. Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
    2. Use 2048-bit key certificates
    3. Use relative URLs for resources that reside on the same secure domain
    4. Use protocol relative URLs for all other domains
    5. Check out our site move article for more guidelines on how to change your website’s address
    6. Don’t block your HTTPS site from crawling using robots.txt
    7. Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.
    8. Google has also updated Google Webmaster Tools to better handle HTTPS sites and the reporting on them.
    {{ DiscussionBoard.errors[10992923].message }}
  • Profile picture of the author davidricherd
    you must have to use 301 redirect properly with losing your site ranking to move it from http to https.
    {{ DiscussionBoard.errors[10992961].message }}

Trending Topics