HTTP Web Sites to HTTPS

The HTTP protocol is now so common browsers don’t even display it in the address bar anymore.

But when visiting an HTTPS Web site, the data between your computer and the Internet is exchanged with the SSL protocol that encrypts the content exchanged between your computer and the server to prevent hacking and spying.

Google now uses SSL as a ranking signal and encourage webmasters to use HTTPS to protect their visitors.

HTTPS pages now have an actual SEO boost in search and are displayed to users by default. What’s important for webmasters is to ensure they’ve implemented SSL security certificates properly In Web sites to provide the best possible user experience and retain their search rank positions.

SSL stands for Secure Socket Layer, the standard encryption technology used to transfer data from a user’s browser to the Web server. Web sites with SSL encryption prevents hackers from intercepting and misusing the data that users leave on a Web site (like checkout pages, registration, or contact forms). SSL scrambles public information while private encryption keys decrypt it so that it can be read by someone monitoring the transmission.

When a person visits an https:// page, his or her communications, data, and transactions are safe from possible hacking. Company and eCommerce Web sites that collect personal information such as Social Security numbers and credit card numbers, where the use of SSL security certificates is a matter of necessary credibility will find the SSL useful to protect data..

Key considerations when getting the SSL certificate

Having a SSL security certificate on a business Web site can shape the way consumers perceive the company. However, SSL certificates come in different forms and there are several things that need to be taken into consideration, when choosing the right one.

These steps should be handled by professional Web site designers and developers.

In order for Google to index a Web site properly there are steps to take after choosing the right SSL provider and getting the certificate.

1. To verify the Web site as a trusted source, use SSL certificates issued by trusted certificate authorities to protect visitors from potential hacks.

2. Decide on the SSL certificate you need: single, multi-domain or wildcard certificate.

3. Use 301 redirects to point both users and search engines to the HTTPS pages.

4. Use protocol relative URLs to minimize the possibilities of serving 404 errors when a user lands on a URL loaded from a development environment.

5. Use a web server that supports HSTS (HTTP Strict Transport Security)

6. Test your pages using Qualys SSL/TLS

Set up all the pages to point to the HTTPS versions

7. Check server settings to properly redirect all URLs to point to their HTTPS versions by editing the htaccess file of your Web site.

8. Redirect your server to point to HTTPS instead of HTTP.

9. Inspect your internal links to ensure all pages, images, JavaScript, CSS, etc. are using HTTPS. This part may turn out to be quite exhaustive, but it is definitely the most important one in the whole process.

10. Set SSL for your CDN.

11. Consider setting Google’s SPDY networking protocol to make your site faster.