It’s been an interesting first week of August this year. There’ve been a number of new updates by Google in the past couple of weeks, but the latest announcement on August 6, 2014 has been a huge game changer in how web pages are to be displayed for visitors, including changes to Google’s Algorithm regarding SEO and SERP rankings. Let’s begin with a little history.
Everyone is familiar with typing http:// at the beginning of a website URL, and this has been standard practice since the very beginning of the web. HTTP is the Hyper-Text Transfer Protocol, and it’s the method in which information is transferred from a web server to a browser (website visitor). For the past 20 years, we’ve all used this method, and when online stores came into being, the “secure checkout” using HTTPS (secure mode) rose its head.
Just What is HTTPS, Anyway?
HTTPS (secure transfer) is just that, it’s secure. It encrypts the page on the server level and then decrypts on the end-user side. This ensures that there’s no “man in the middle” type attack or hack that takes place. Anyone taking credit cards online should be using this mode. Since 2005, it’s been pushed even harder with the PCI Compliance guidelines (Payment Card Industry). In fact, if you’re accepting anything that could be classified as secure information (credit cards, username and password, etc), then you should be using the HTTPS mode of connection for those pages.
HTTPS is a slower transfer mode in that everything needs to be encrypted. This puts a little extra strain on the server, so many cheap web hosting plans don’t offer this ability, but when you’re running an online commerce website, the money you make should more than cover the extra fees.
When you browse the web, you’ll notice that many large websites are already using HTTPS mode for their entire website. A quick look on Google.com, Facebook, YouTube, Twitter and even sites like newspapers encrypt everything. This is now going to become the norm for all websites.
The Cost Of HTTPS, It’s Not Just About Price
An SSL Certificate (the part that encrypts a website transmission) runs anywhere from $20/year to $1,000/year depending on what you’re needing. Most online shopping carts range in the $20-$200/year range. In order to activate an SSL, you must also have the right web hosting account which generally means not using a $5/month hosting plan but using a $25-$50/month hosting plan. Again, not a problem for an online store whose sole purpose is to make money and will cover those fees. But what about an informational blog, or website that doesn’t sell anything online? We’ll cover that in a minute.
In years past, you generally wouldn’t want your entire website in HTTPS mode as not only could search engines not search through the pages, but you also couldn’t cache the page. This meant that every page that loaded for a visitor had to be re-downloaded each time, creating a considerable amount of extra traffic (or bandwidth usage) for a visitor. Looking back on Dial-up Internet, you probably remember how slow pages were to load. Well, if we didn’t have page cache, it would have been even slower.
Page cache is the ability for a browser (Chrome, Firefox, Safari, Internet Explorer) to reuse certain aspects of a page on the next loading. Things like javascript, images, backgrounds and layout would all be cached, and then only the new content (text and whatever new images) would need to be downloaded when you navigated to the next page. Caching was a huge bonus to web hosting companies when webmasters would use it, because they had to pay less for bandwidth in their datacenter. When a website moved into HTTPS mode however, the cache ability was stripped, and this meant that every page had to be re-sent every time a visitor loaded a page. This is why there’s a higher cost for people using SSL and HTTPS on websites.
So cost is definitely an issue, but time is the other factor. As website owners, we know that if you haven’t delivered your page within a few seconds, you will likely lose the visitor. The average internet user allocates a maximum of 3-5 seconds for a page to load. If it takes longer than this, a visitor would likely close the window and search on another website. Serving the page in HTTPS, while more secure, means risking losing the visitor when they come to the website.
August 6, 2014 – The Move To HTTPS
In August, Google announced through their webmaster portal that HTTPS will now be a ranking factor when it comes to search engine listings. SEO Companies around the world started a massive rework of their websites to convert everything to HTTPS. It’s generally not a simple flip of the switch, and involves making “301 redirects,” commenting things in the .htaccess files, and updating all links in the website to use the HTTPS call rather than HTTP.
Panic sets in! We see a large number of SEO people embracing the change, but for every one person who encourages it, we see 20 people screaming and pulling their hair out. It means a ton of work, which generally means SEO companies will come out making more money in the process, but website owners in general, who barely have enough time to keep their websites updated as it is, are freaking out about the hours they now need to invest to move to the new guidelines.
Relax people! Google states that less than 1% of websites will be impacted. This is a phased rollout that will likely take several months to complete, and Google is well aware of it. The change to HTTPS is an enhancement which will mean that those who use HTTPS will see a slight bump in ranking positions, but it’s only a slight bump. Google won’t simply remove your website tomorrow if you’re not using HTTPS and have openly stated that it likely won’t have a huge impact for several months. So go enjoy your weekend, and the rest of summer, because you don’t need to drop everything today to start work on it.
That being said, SEO companies, get on the ball! If you want to stay ahead of the competition, making this move could be the extra little push you need to move from position number 4 to number 3, or number 2 to number 1.
So What Do We Do About Speed?
For many years, website owners have taken advantage of Content Delivery Networks (CDN). This allows a copy of your website to be stored on several servers around the world so that the content and page loading is fast for website visitors no matter where they are. It’s really a neat system, and one that we’ve used ourselves for many years. CDNs are used by everyone from Google to Amazon, to your very own Big Red SEO. The big difference, however, is price.
CDNs for the general population can run from $10 per month to $1,000’s per month, but again, it all depends on what you’re doing on the website, how much traffic you need to cache, and how many servers you need to utilize for optimal speed around the world. For us, we use a CDN optimized for the United States, and we don’t pay for other “points” or “edge locations” around other parts of the world.
Most CDNs Don’t Support HTTPS By Default!
This is very true. Most Content Delivery Networks don’t support HTTPS unless you pay additional fees, and even then, some of them don’t have an option for HTTPS at all. Those that do support it can charge large fees to use it. Again, the theory behind it is that you’d be running an online store and making money, so your fees are covered.
But there are some CDNs that do support HTTPS, and at a reasonably low fee! MaxCDN, the company that we utilize, does support SSL mode, and even on their $10/month plan! Granted, this is on their 100GB/bandwidth per month plan, but for most websites, that’s all they would need.
So Do We Move, Or Do We Stay Where We Are?
This is really a case-by-case decision. Some web hosting companies include access to a CDN by default, and some of them have the option to use an SSL on those connections. Most hosting companies, however, don’t currently have this as an option, but we expect to see this changing in the coming months. Check with your hosting company about your options.
For a regular WordPress website, you can expect to see your fees associated with your website increase. Instead of just paying $5/month, you’ll now spend up to $50/month ($25 for hosting, $10 for a CDN, $1-5 for a dedicated IP address, and $10-20/month for an SSL Certificate). Prices are rough estimates and can be decreased with annual payments. For an ecommerce website, just start opening the wallet!
One thing for sure is that the web has changed with this new announcement from Google. SSL companies, web hosting companies and Content Delivery Network companies are definitely going to love the announcement and have a lot to benefit from it, but website visitors are going to benefit too! You can rejoice in knowing that your information, which is in transit anyway, is now secure.
What Do You Think?
Let us know what you think of the latest changes. Are they going to benefit your users in the long run? Will you be one of the first to make the move to SSL and HTTPS for extra SEO benefit?