In the last few years, Google’s main objective has been to move everyone to a safer and more secure web. One of the most highly effective ways to do this has been to secure your web pages by moving them to HTTPS. Although this is a great idea, it has a few caveats. One of them being the loss of organic traffic that blogs sustain when they move their web pages to HTTPS. In this article, we’re going to show you how to combat this problem while simultaneously making your web pages safer and more secure.
What are HTTPS and SSL?
SSL is an acronym for Secure Socket Layer. What this means is that SSL, as a security protocol, ensures that all communication between a server and a browser be encrypted. Any and all information, private or not, such as passwords, usernames, credit/debit card information or any other information input by the user is encrypted and safe.
HTTPS or Hyper Text Transfer Protocol Secure is a newer version of HTTP or simply Hyper Text Transfer Protocol. The only difference these two is an ‘s’ but that ‘s’ is extremely important for your safety as an internet user and your blog’s security as a blogger. How HTTPS works is that along with the help of an SSL or TLS (Transport Layer Security) certificate, it uses something known as an asymmetric Public Key Infrastructure to encrypt data.
There are two keys in use with this. The public key and the private key. Only the user of the computer has access to the private key which is why their data is protected. In case of websites and blogs, the private key is embedded into the website.
Why should you move from HTTP to HTTPS?
When you use an HTTP connection, all of the data being sent through the network is sent as plain text and is not encrypted. This makes all the data susceptible to attack which can compromise private information. HTTPS, on the other hand, encrypts your data so that it’s extremely difficult to break into the network. When you use an HTTPS connection, all of your customers’ and visitors’ information will be secure and in case they want to purchase something from your website, their private data will be secure and so will the payment.
Users have generally stopped trusting sites that still use HTTP connections because providing any sort of data to these sites is a risky matter. On the other hand, if your domain has an HTTPS connection, users are more likely to think of you as a professional website and can verify your authenticity. Google has also stated that it offers a small SEO benefit to sites that switch from HTTP to HTTPS. But the opposite seems to be happening. Blog owners are reporting that they are losing traffic post-switch. Why is this?
Why is HTTPS leading to a loss of traffic?
Many websites and blog owners have reported a sudden drop in their number of visitors after they switched to the secure domain. Now, since the number of visitors is supposed to increase, according to Google, why is the opposite happening?
It’s because of a host of reasons, but broadly, it’s because people are not switching over correctly. They aren’t changing links or implementing redirects, so anyone that clicks on a link to the website before it was changed to HTTPS is going to receive an error message since there was no redirecting order from the user.
How to correctly switch to HTTPS
The reason so many people have reported sudden drops in traffic is that of incorrect migration. The following steps are to be followed if you want to correctly change your domain and hopefully gain a little traffic along the way.
Purchase an SSL certificate– The first step is to purchase and install an SSL certificate of 2048-bit key encryption. Depending on the type of SSL certificate, the costs can go anywhere from $10 up to $300 per year.
To purchase an SSL certificate, contact a certification centre such as Comodo or contact your web hosting provider. After the installation of the SSL certificate is done, check if it’s working by going to your website using HTTPS.
Change your URL– The next step is to change your site’s URL to HTTPS. If you’re using WordPress, go to the settings menu, then to the General tab. After you’re done saving the changes you’ll be logged out of WordPress and will have to log in again.
Add Redirects– As mentioned before, not everyone is going to notice that your site moved from HTTP to HTTPS so they might still use the HTTP URL to locate your website. To make sure that instead of getting a redirection error they are redirected to your HTTPS site, edit your .htaccess file.
Search and Replace– All your internal links will have the HTTP URL instead of the HTTPS one so you need to change that by using a Search and Replace plugin to change the HTTP to HTTPS. For instance, search ‘http://www.exampleurl.net’ to change to ‘https://www.exampleurl.net’. This should change all your internal links to HTTPS.
Add website to Google Search Console– To officially inform Google that you have changed from HTTP to HTTPS, you need to add your HTTPS website to the Google Search Console. Make sure that you have both HTTP and HTTPS URLs as Google sees them as different websites.
Check Robots.txt– Robots.txt can sometimes block others from accessing your site. To change this, go to the Google Search Console, select robots.txt tester. Click the Test button and see if you get a green bar. If you do your site isn’t being blocked.
Resubmit to Google– Go to Fetch as Google on the Google Search Console and click Fetch and Render. For errors, check the Partial link and if there are no errors click Submit To Index and then Submit All URLs.
Those are the steps to correctly change your website from HTTP to HTTPS.