HTTP to HTTPS Migration Guide|Do SSL Certificates Affect SEO?

Updated October 6, 2023


Running your site on HTTPS is not an option anymore. Currently, Google alerts everybody that lands on your website that it’s insecure when you still use HTTP instead of HTTPS.

You can only switch to HTTPS by installing an SSL Certificate on your website. The SSL Certificates can, however, affect your SEO rankings if, after installing them, you fail to set up your 301 redirects in the preferred way.

This is because Google already indexes these URLs. If you modify them in a wrong way or don’t implement the 301 redirects correctly, Google may ‘think’ the URLs are deleted or old and stop crawling your site.

What is HTTPS and its Importance?

HTTPS (Hyper Text Transfer Protocol Secure) is a secure version of HTTP (Hyper Text Transfer Protocol). It was designed to ensure secure communication on computer networks and data transition between the server and the browser.

During communication, a Transport Layer Security (TLS) or Secure Socket Layer (SSL) certificate encrypts the communication protocol; thus, the name HTTP over SSL or HTTP over TLS.

Reasons Why HTTPS is Important

If you’ve been browsing the internet of late, you must have noticed a sudden upsurge of websites using HTTPS in the URL as compared to those still using HTTP. Now, when you land on an HTTPS web page, your browser requests for the site’s SSL Certificate.

Your browser will first unlock to initiate a secure connection on the web.

HTTPS is, therefore, crucial for websites because of these four main reasons.

  1. It ensures a better user experience: Most SSL Certificates come with a trust badge that you display on your website. This is important in giving your web users a peace of mind when shopping on your website because they’re sure that the data they share on your website is secure.
  2. Help you reduce bounce and cart abandonment rates: If you switch to HTTPS, you shall have reduced your cart abandonment rate by over 15 percent.

Since 2007, Google Chrome has been displaying ‘not secure’ warnings on browser bars, a factor that has been attributed to high bounce rates on pages still running on HTTP.

HTTPS Migration

Therefore, if you wish to boost the confidence of customers shopping on your site and preserve your link juice, you must migrate to HTTPS as soon as possible.

  1. It boosts your website’s search engine visibility: Each time a user types in a query on Google search bar, there are always two most relevant web contents battling it for the top.

It so happens that there are times when there’s a tie, and the quality and accuracy are all the same. Still, the search engines must only provide the first best option.

This is where HTTPS, as a ranking factor, comes in. According to Google’s Webmaster Trends Analyst Garry Illyes, HTTPS works as a tie-breaker in such scenarios.

  1. It’s a must-have for AMPs: From 2011, mobile internet has recorded a whopping 504 percent increase in daily internet traffic. Besides, mobile devices powered around 50 percent internet traffic in the first quarter of 2019 alone according to data from Statista.

This adds more weight to the constant need for website owners to optimize their web pages for mobile phones.

AMP refers to Accelerated Mobile Pages. It’s a powerful technology designed to make web pages load almost instantly on mobiles. Web pages that are AMP ready display lightning bolt icons on the left side of the browser bars. Now, Google made AMP as a priority for websites to rank high in the search engines by 2017.

AMP under Domain

This means that websites that are AMP ready also perform better on search engines than those that are not AMP ready. Here’s the catch, though. You must switch to HTTPS for your web pages to be AMP ready, among other subtle requirements.

How Can I Switch to HTTPS?

If you’re ready to switch to HTTPS, here’s a detailed guide to walk you through for a seamless migration.

Step 1: Get an SSL Certificate and Install it on Your Website

The first step in migrating from HTTP to HTTPS is getting a reliable SSL Certificate for your website. You can get cheap Symantec SSL Certificate from certified Certificate Authorities (CA).

The types of free SSL Certificates you’ll get from your hosting provider are, however, just the Domain Validated SSL certificates in most cases.

They will protect your privacy but are not up to with top-level certificates like Extended Validation (EV) SSL Certificates and Organization Validated (OV) SSL Certificates.

That shouldn’t put you off, though. If you wish to secure multiple websites with top level SSL Certificates while working on a budget, then a Multi-Domain SSL Certificate is all you’ll need. It will help you secure a maximum of 100 domains with just one certificate.

Step 2: Add Your Website’s HTTPS Version to Google Search Console

The next step after successfully installing an SSL Certificate on your website is adding the new version of the site to Google Search Console. This is also where you check to ensure that all the analytics software you use can track the HTTPS version of your website.

Step 3: Set Up 301 Redirects

301 redirects are permanent redirects from old URLs to new ones. They’re designed to direct search engine spiders and users to a specified URL.

If you’re using WordPress as CMS, the easiest way to set up 301redirects after installing an SSL Certificate is using a plugin like Really Simple SSL WordPress plugin.

It will do all major work for you. Either way, you can also add this code to your .htaccess file then save it.

# HTTPS redirect
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_USER_AGENT} !FeedBurner    [NC]
RewriteCond %{HTTP_USER_AGENT} !FeedValidator [NC]
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]

It will help you redirect all the HTTP requests to relevant HTTPS pages. From the code we shared above, you must have noticed that Feedburner isn’t included in the HTTPS.

This is important if you use Feedburner as an RSS generator; or else, you can leave it all out and feed the Validated lines if you don’t use FeedBurner. Save the .htaccess file then try accessing the site by typing your old URL variants to see if they redirect to respective new HTTPS variants.

Step 4: Modify All the Internal Links and Fix Mixed Content Warnings

Modifying just the primary URL is never enough. You must also check to ensure that all the static contents are secure too.

For the mixed content warnings, they will only come up if insecure resources are loading on your HTTPS pages. You must solve this early because Google won’t permit any mixed content to load from December.

Still, on this, a plugin like Really Simple SSL or SSL Insecure Content Fixer should help you out. Your SSL providers will also help you to solve the mixed content warnings issue.

If you wish to solve this on your own anyway, for example, open Google Chrome then open the menu icon. From the menu icon, open ‘More tools’, then navigate to ‘Developer tools’.

When on the developer tools window, click the Console tab, and you’ll see all resources that are still loading on HTTP. You can then edit them from your database and update it.

Step 5: Resubmit the Disavow Files and Modify All Your Backlinks

This is a critical step if you wish to maintain your site link juice. Simply download the disavow file for the HTTP version of your site for Google Search Console then upload it to the HTTPS version of the website.

From here, modify all the backlinks to point to the HTTPS version of your website. You may also need to collect all your contacts and tell the sources of your backlinks to change your site’s URL to the HTTPS version.

Wrapping Up

There are steps in this guide that will touch on the core aspects of your website. For example, when editing your database files to solve issues such as mixed content warnings.

Because of this, don’t forget to back up your website when editing anything in the database. Besides, if you don’t understand anything about HTTP to HTTPS migration, you should get in touch with an expert developer, so you don’t run into the risks of breaking your website if you miss anything

Leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.