Google’s latest changes – Moving towards a more secure web
Now small business owners have one more reason to switch to HTTPS thanks to Google latest change in the way it searches for URLs. Google has announced that it is modifying the way its indexing system seeks out for more HTTPS pages. The recent changes came as Google’s Webmaster Trends Analyst, Zineb Ait Bahajji announced that Google will now give HTTPS pages priority over equivalent HTTP pages. What this basically means is that even if you have an HTTP URL, Google’s new search algorithm will now give similar HTTPS URLs priority back in June 2016.
During this announcement, Bahajji explained:
“Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page, Bahajji also stated,”When two URLs from the same domain appear to have the same content but are served over different protocol schemes, we’ll typically choose to index the HTTPS URL if:
It doesn’t contain insecure dependencies.
It isn’t blocked from crawling by robots.txt.
It doesn’t redirect users to or through an insecure HTTP page.
It doesn’t have a rel=”canonical” link to the HTTP page.
It doesn’t contain a noindex robots meta tag.
It doesn’t have on-host outlinks to HTTP URLs.
The sitemaps lists the HTTPS URL, or doesn’t list the HTTP version of the URL
The server has a valid TLS certificate”
Presently HTTP or Hyper Text Transfer Protocol, has been the method for to establish a connection with the server and send HTML pages back to the user’s browser. The biggest drawback to this method of communicating is the Web page is transmitted without any encryption, which makes it susceptible to hacking the data as it is travels across the web. HTTP is fine for streaming video or reading content such as news or blogs, but not for sending personal information when conducting a purchase on an eCommerce site. Web addresses that use HTTP protect its data by encrypting it by using an SSL (Secure Sockets Layer) Certificate.
Currently there have been concerns raised because some types of HTTPS may be accessible to hacking.
Most of these security concerns are presently being addressed. At present HTTPS is still considered the safest way to conduct eCommerce. With Google’s recent announcement to change its algorithm to boost sites that use https. This move by Google gives small eCommerce owners one more reason to change their sites to HTTPS.
Google Chrome Changes
To help users browse the web safely, Chrome indicates connection security with an icon in the address bar. Historically, Chrome has not explicitly labelled HTTP connections as non-secure. Beginning in January 2017 (Chrome 56), will mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure. Chrome currently indicates HTTP connections with a neutral indicator. This doesn’t reflect the true lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.
Studies show that users do not perceive the lack of a “secure” icon as a warning, but also that users become blind to warnings that occur too frequently. Chrome plans to label HTTP sites more clearly and accurately as non-secure will take place in gradual steps, based on increasingly stringent criteria. Starting January 2017, Chrome 56 will label HTTP pages with password or credit card form fields as “not secure,” given their particularly sensitive nature. In following releases, they will continue to extend HTTP warnings, for example, by labeling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, they plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.
Requirements in Changing From HTTP to HTTPS
Changing from http to https seems like a pretty simple procedure:
Purchase an SSL certificate from a hosting company, or from an SSL certificate vendor
Install your SSL certificate on your website’s hosting account
Make sure that any website links are changed from http to https so they are not broken after you flip the https switch
Set up 301 redirects from HTTP to HTTPS so that search engines are notified that your site’s addresses have changed and so that anyone who has bookmarked a page on your site is automatically redirected to the https address after you flip the switch.
Seems like easy process. However, due to the large number of options offered by SSL certificate vendors and by hosting companies, this process then become somewhat confusing.
Also keep in mind that by moving your site from http to https will require dealing with more tech work than most small business usually like to deal with.
One thing to be sure about changing from http to https, is that you will be confused at some point during the conversion.
Your website site will benefit if you leave most of the tech work to a professional and focus on the decisions you need to make about what SSL Certificate is the right one for you. The benefits you’ll reap include greater customer trust, data security and even a chance that Google’s new algorithm will rank your site higher.