Most of the websites are using HTTPS in 2021. You probably have considered using it too, but you are afraid that it may cause large ranking and traffic loss. Actually, that was the story of years ago. Now, if you do it properly, you will see a big benefit in both the short and long term.
Why should you migrate to HTTPS?
Google is more advanced than years before. It has more crawl ability to make sure that an HTTP to HTTPS migration goes smoothly with little to no ranking loss.
Better ranking and more traffic
Google says “HTTPS sites receive a small ranking boost but don’t expect a visible change. Google uses HTTPS as a positive ranking signal.” From my experience, when Google says it will boost your rankings, it will be a big benefit in the long run.
When Google says AMP pages and structured data will not increase rankings, many SEOs has implemented them and they get very good results.
More secure
Google has explained why HTTPS matters very well. By establishing an encrypted link between a web browser and server, all the data transferred remain private and secured. Especially e-commerce site, HTTPS is a must have.
More credibility
As you can see, HTTPS sites display a green lock in the browser’s address bar. It increases users’ trust. If users know that their information is encrypted and protected, they are more likely to engage on your site.
Google pushes you to
Google has notified every site owner who does not use HTTPS that Chrome will show security warnings. Since October 2017, Chrome (version 62) has shown a “Not Secure” warning when visitors enter any information in an HTTP web page, which really decreases trust. Google has pushed you to migrate your site to https many times.
Well, Google’s first mission is to always provide the best searching experience to users. Since Google thinks HTTPS provides better performance, you should use it.How to do HTTP to HTTPS migration the right way
1. Install an SSL Certificate on your server or Using Cloudflare
To begin, you need an SSL certificate. Most of the web hosting services, like Bluehost, include a free SSL certificate. If your web host does provide free SSL, there is no need to purchase from a third party.
There is also an easier and free way to enable configure SSL. You can use Cloudflare. After setting up your CloudFlare account, click Crypto tab and select Flexible mode. If you have enabled SSL in the server end, then you can use Full mode.
To make sure the SSL is effective, you can use tools like SSL Labs Server Test to check it.
2. Update all Hard-coded Links to HTTPS
Google has recommended using the protocol-relative link (without https or HTTP) to get rid of mixed content. If you are using WordPress, you can use a free plugin called Remove HTTP.
The protocol-relative link is the best practice because it can avoid mixed content without causing crawl issues. Googlebot is not that smart to always crawl the relative links correctly. With protocol relative links, Googlebot can understand correctly.
It is always best practice to use relative URLs, but there will always be times when someone has hard-coded a URL and so you will want to do a full sweep on your site and database during an HTTP to HTTPS migration.
If you prefer absolute path, then you should change all the internal links to HTTPS, especially the canonical tags and image links. Otherwise, you will have a mixed content issue, which leads to web browser not showing the green secure bar.
3. Update Custom JS and any actions to HTTPS
You should also check your custom js including third-party hosted scripts. To find any Non-Secure Content on your site, you can use the SSL Check tool.
4. 301 Redirects to HTTPS
301 redirects are permanent redirect that passes 90-99% link juice to the destination path. In other words, 1-10% link power is lost, so you should use redirects as less as possible.
Normally, you can Add the following to your .htaccess file to redirect to https
RewriteEngine OnRewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
To avoid duplicate content issues, many sites if not all have redirected non-www version to www version or back. You should use the correct configuration to redirect to your preferred domain with one redirect.
For example, my preferred domain is https://chrunos.com
I need to redirect http://www.chrunos.com, https://www.chrunos.com, and http://chrunos.com to https://chrunos,com with only one redirect.
Because I use CDN service CloudFlare, I changed the settings to Always use HTTPS and created one page rules to do this.
5. Update your robots.txt File
Change any hard-coded links in your robots.txt to HTTPS if there is any that point to HTTP directories or files.
6. Verified the HTTPS site in Google Search console.
Login to your Search Console and then simply click on “Add a Property” and continue with the claiming process. If using the default option to verify the HTTP version, you do not need to upload the file again, and you can just click Verified to complete the process.
7. Update your sitemap
You can change all the links in your original sitemap from HTTP to HTTPS or create a new one. Then submit it to Search Console.
I personally prefer creating a new one, because it will crawl your whole site and it may find some crawl issue. There are many free sitemap generator tools that can crawl 500 pages. If your site has more than 500 pages, you can use this XML Sitemap generator.
8. Fetch the HTTPS version
In order to let search engines know that you have migrated your site from HTTP to HTTPS, you can do a fetch and crawl on your new HTTPs site.
- In the Fetch as Google page, click on “Fetch and Render” and then click on “Submit to index.”
- Then choose “Crawl this URL and its direct links.” You should also submit other important pages that are not connected to your homepage.
9. Update Your Google Analytics Profile URL
You should also change your website URL in Google Analytics to better monitor your site’s performance. You need to change the URL from View Settings and Property Settings. If you have connected Google Search Console with Google Analytics, you need to reconnect it to the HTTPS version.
Summary
It may seem like a lot of work. Actually, it won’t take you much time to get this done. After you have done all these steps, Google and other search engines may take a while to index all your content as HTTPS.
In some cases, it may take as long as a few months to re-crawl everything correctly, but you do not need to worry. The pages that are not indexed as HTTPS will still remain the ranking position. All you need to do is wait for a small ranking boost.
During the time when have not indexed all your HTTPS pages, you should view both your HTTP and HTTPS property for long tail keywords, ranking positions, crawl issues, and other data.
Do you have any other HTTP to HTTPS migration tips that I missed out? I’d like to hear your thoughts about moving sites to HTTPS. Just drop a comment down below.
