Migrating to SSL

An SEO Guide to Migrating to SSL

Learn How to Migrate Your Site to SSL (and not ruin your SEO)

This guide walks you through migrating your current nonsecure site to an https site. There are a ton of benefits for adding an ssl certificate to your site. We’ll cover some of the benefits below, but before we get into that, let’s first answer the question what is ssl?

What is SSL?

Let me start by saying, while I work with web developers, I’m not one. So I’m not going to bore you with the details of how all this works, because frankly – I don’t know. But I can tell you what it does and why you should definitely have SSL on your website and maybe guide you to actually getting it. I put the ssl certificate on this site all by myself.

SSL (or secure sockets layer) is technology protocol that establishes the methods by which a server (my website) can communicate with a web client (your browser) in such a way that if the communications are intercepted, they can’t be understood.

It doesn’t matter much but in case you come across it, what we all refer to as SSL today has actually changed names with version 3.2 to TLS. I’m not going to dwell on that because to us non-technical folks it’s just not that important.

SSL Certificates are issued so typically you acquire them from an issuing body. Digicert is well respected and I’ve used them many times. If you have a particularly complicated need like a wild card certificate, you may still want to consider one of the bigger companies. Lately, there’s been a big push to secure the entire internet and huge strides have been made in the last couple of years. One of the biggest is the efforts of Let’s Encrypt who have set out to provide free (you read that correctly) SSL certificates to the entire internet!

I’ve heard some complaints about having to renew them, but I think that’s been smoothed out over the last few months. My hosting provider now puts them on for free and maintains the renewals. It’s a no brainer and we put them on every single site we build now.

Benefits of Securing Your Site with SSL

The benefits of SSL are numerous and I’m really glad to see that SSLs are becoming easier to handle and more popular.

SSL is Faster

An https site loads indisputably faster than it’s non-secure counterpart. Some may debate that technically that has nothing to do with the SSL certificate itself, but instead because having the SSL is a requirement to allow for multiplexing. Nonetheless, your site will be noticeably faster and that may be the most important factor as we move forward into the future of the web.

SSL is Secure

It may sound super obvious but it’s not. The biggest deal is that the information your customer, clients, friends, and your mom who are visiting your website and filling out forms is secure as its being transmitted. If we value our clients, particularly new ones who are filling out lead generation forms, we should protect that information as we would protect our own.

SSL is Good for SEO

In a bold and relatively rare move, Google publicly announced that SSL would be a ranking factor in helping to determine the search engine rankings. Initially, it will be a small factor in increasing ranking – giving webmasters ample time to begin to the transition – but it will increase in relative importance over the next several years.

Tests by Neil Patel and others, have shown that on individual sites, the effect can be far more profound than Google would have us believe. Here’s a video from Google detailing their efforts to Secure Everything.

How to Migrate Your Site to SSL

Actually applying a certificate to your site is pretty easy. You pretty much purchase it (either through your host or a third party), digitally sign it and then ut it on the server. That’s pretty much it. In fact, most quality hosts will do it for you. But the work doesn’t stop there.

The Two Big Gotchas of SSLs

SSL Mistake Number 1 – Dude, Where’s my Green Lock?

The first thing you should check after applying your brand new, fresh out of the box, ssl certificate is my site actually secure. Just applying the certificate is just step one, you need to make sure you get that green lock that will make your customers feel fuzzy and warm.

So what’s keeping my site from being secure? There are two common culprits. The first is pretty easy – there is some detail on the certificate you applied that is not matching up with your site details or the certificate itself is expired. This can usually be resolved with whomever applied your https certificate or from where you purchased it.

The second and far more common culprit is mixed content.

What’s mixed content?

Mixed content typically crops up when some assets on your site are being requested from non-secure sources. For example, maybe that ico at top of your browser is hard coded into your theme with the http location.

The easiest way to find these little pieces of mixed content is to use Chrome Developer tools, if you’re pretty savvy. If you use premium hosting that has customer service they may be able to help as well. Those are your best bets. It may also be useful to look at the page source code by right clicking on the page and looking at ‘view page source’ and then do a search for http:// and you just might find the culprits.

There are some tools that scan the site too. Here’s one.  Many of these can be fixed by simply re-uploading images to your media folders or simply changing links throughout the site to relative links.

Another important tip is to make sure you check all your pages (or at least the important ones) as you might solve the homepage but still have issues on other pages. The cert is page by page.

Here’s a more detailed guide from Google on how to find the mixed content offenders.

Improper Certificate Details

This doesn’t happen as often but sometimes the details on the cert don’t match the details of your site. In this case, contact whoever put the cert on for you (or if you did it yourself  – who you bought it from) and have them fix it.

SSL Mistake Number 2 – Where did all my traffic go?

While getting, installing, and trouble shooting SSL certificates has gotten way easier, many don’t understand the potential impact this may have on their SEO. The SEO work behind the scenes is usually the bulk of the time it takes to properly place a site under SSL. Here’s the reason, straight from Google.

If you migrate your site from HTTP to HTTPS, Google treats this as a site move with a URL change. This can temporarily affect some of your traffic numbers ...

By far, the biggest mistake I see is that people change a site to ssl and do not bother to set up proper 301s from their old pages to the new pages. That’s right. Though it seems insane (and surely this will change), Google still seems to treat an https site as a completely different site. This can lead to:

  • Duplicate Content (bad)
  • Lost inbound links (bad)
  • Confused Customers (super bad)

So go through all the processes you normally would if you were to completely change your domain. Here’s a high-level checklist from Luna Metrics, but you may want to have an SEO consultant help with this part.

Conclusion

I hope you found this article useful. It really is more of a pain than it should be and I expect Google and Bing! to be better in the future about handling these sorts of issues. If you have any questions or problems, don’t hesitate to reach out.

Cheers!

Looking for an SEO AUDIT so you can review your site yourself? Check out our FREE SEO AUDIT.

Jason Matson
jason@matsongroup.com

Prior to founding Matson Consulting Group, Jason ran the operations of one of the mid-Atlantic's most successful ecommerce companies. Now he brings that expertise to SMBs throughout the world. Jason has an MBA in Entrepreneurship from Drexel University’s Lebow School of Business and degrees in Physics and Philosophy.