Why you should move to HTTPS and what mistakes to avoid along the way.
In her speech at Pubcon, Olga covers:
- HTTPs adoption rates in various industries and countries
- the importance of this to Google
- mistakes companies make when migrating their website.
3. @olgandrienko #pubcon
Of the 218,000 sites looked at, only 630 (0.3%) switched
to HTTPS by September 21st, 2014.
Source: StoneTemple.com
4. @olgandrienko #pubcon
“Beginning in January 2017 (Chrome 56), we’ll mark
HTTP pages that collect passwords or credit cards as
non-secure.” – Google Security Blog (Sept 8th, 2016)
5. @olgandrienko #pubcon
HTTP page is
now marked
”Not secure”:
if the page has password or
credit card fields
when users enter data on an
HTTP page
on all HTTP pages visited
in Incognito mode
11. @olgandrienko #pubcon
It’s significantly harder to compete for
high volume keywords without https
now. In less competitive niches moving
to https is a great way to stand out
positively.
12. @olgandrienko #pubcon
Page loads over HTTPS in Chrome by platform (%)
Source: https://www.blog.google/topics/safety-security/say-yes-https-chrome-secures-web-one-site-time
Over 75% of
Chrome traffic on
both ChromeOS
and Mac is now
protected, up
from 60% on Mac
and 67% on
Chrome OS a
year ago
13. @olgandrienko #pubcon
HTTPS Adoption in TOP-10 and TOP-20 for Google US, UK, DE and FR (datafromSEMrush
Sensor,22Oct2017)
60%for US 65%for UK 63%for Germany 62%for France
14. @olgandrienko #pubcon
HTTPS
usage in the
world
Japan: from 31% in the last
year to 55% now
Brazil: from 50% in the last
year to 66% now
71 of the top 100 sites on the
web use HTTPS by default, up
from 37 a year ago
15. @olgandrienko #pubcon
HTTPS vs HTTP Usage in the Top 100,000 Domains
HTTPS usage
among TOP
100K domains
has increased
from 7.6% in
2014 to 31.5% in
2017
21. @olgandrienko #pubcon
50%
Issues with Mixed content
Some elements on the site are not secured with HTTPS
(such as images, links, IFrames, scripts, etc).
22. @olgandrienko #pubcon
Mix of secure and unsecured content
Result: content is blocked by the browsers and there are security issues when viewing the page
24. @olgandrienko #pubcon
2%
Expired SSL certificate
Warning message will be shown to users landing on your website,
which usually stops them from going further.
25. @olgandrienko #pubcon
3.6%
Old security protocol version
Running SSL or old TLS protocol (version 1.0) is a security risk.
Implement the newest protocol versions.
27. @olgandrienko #pubcon
50%
Internal links on HTTPS leading to
HTTP
If any link on website points to the old HTTP version of website,
search engines can become confused as to which version of
the page they should rank.
30. @olgandrienko #pubcon
FiliWiese SearchBrothers “That’s a clear yes, onall accounts. HTTPS
if anything demonstrates to users that a
site is trustworthy. Googledoes seem to
prefer secure sites, whenever possible.”
31. @olgandrienko #pubcon
Bastian Grimm
Peak AceAG
“I haven’t seen criticalevidence of HTTPS
increasingrankings. However, not being on
HTTPSisan issue. My personal take is that
Google willflag insecure URLs in SERPs, which
willresult in a massivedecline in your SERP
CTR.”
32. @olgandrienko #pubcon
Website Migration
Case by Guy
Levine
(28daysaftervs28days
prior)
Search Impressions
Average Position
Clicks
CTR
116,771 (+21,626)
35.1 (+3.4)
2,097 (+246)
1.8% (-0.15%)
64/100 (-2)Mobile Speed
Desktop Speed 81/100 (0)
34. @olgandrienko #pubcon
Get the slides via bit.ly/https-pubcon
Olga Andrienko
Head of Global Marketing at SEMrush
Twitter & Facebook: @olgandrienko
o.andrienko@semrush.com