What is HTTPS? 

Take a look at these two different URLs:

http://www.slicedbread.agency/

https://www.slicedbread.agency/

The two look almost identical, but they differ in one essential aspect—the first one uses HTTP, while the second one is much safer, using HTTPS (the final “S” comes from "secure").

The “HTTPS” acronym comes from “Hypertext Transfer Protocol Secure”.

HTPTS's purpose is to provide a secure & encrypted means of communication between the users (using browsers) and websites.

A website must have a certificate - either SSL or TLS to use HTTPS.

Initially, HTTPS was used for websites needing a safer environment (e.g., when paying online or using an account). Today, most websites use HTTPS, which makes the web safer.

What is the difference between HTTP and HTTPS?

HTTP doesn't use security and encryption, so the data you access (send/receive) can be seen by other parties transmitting the data.

By using HTTPS, you avoid a lack of privacy & security.

What are HTTP/2 and HTTP/3?

HTTP/2 and HTTP/3 are significant revisions of the original protocol: HTTP/1.1.

They are meant to improve performance. If you can, consider using them.

These solutions are new, and not all hosting providers support them.

Why does HTTPS matter?

• It's a ranking factor - Google has said this since 2014.

• While we recommend the solution for most websites, any website that handles user information and/or payment solutions should integrate this. For e-commerce websites, using HTTPS is almost mandatory.

• It makes users and search engines trust your site more. Having the lock sign in your browser is a nice touch. Having users trust your site more will likely increase time on site and reduce the bounce rate.

• If you send newsletters or many emails using data hosted on your servers, emails might have better deliverability rates.

• It might improve some analytics (sites without HTTPS might lose some referral data, and HTTPS is used in Google Search Console).

• We recommend considering HTTPS as the default solution for the vast majority of websites. You can start a website without HTTPS and only add it later, but it's simpler to add it right from the beginning.

How to install HTTPS?

You'll need to buy an SSL certificate or use a free one like Let's Encrypt. Your hosting provider could help you install it. Finally, you'll need to change your standard address in your CMS from http to https and update your internal/external links to your pages to point to the https:// version, not the http:// one. The old URLs (HTTP) should automatically (301-) redirect to the new ones (HTTPS).

You'll want to ensure that you also refer to the new URL in other places, such as robots.txt, sitemap.xml, Schema.org, meta tags, image URLs, social networks, newsletters, Analytics, Google Search Console, and ads.

When migrating, follow all the steps; the consequences could be significant. For example, if you have Google Ads running, do an HTTPS installation, and don't implement redirect, you might get a lot of 404 hits on your website. If you run ads, many marketing efforts will be recovered once you fix such issues.

What SSL Certificate to choose?

There are two main types of SSL:

• Standard Validation SSL is the most common validation. Generally, it costs less than $100, and you can even get it for free (Let's Encrypt).

• Extended Validation SSL tends to cost much more and offers a higher level of validation, but its impact on search engines is minor to none. Users might have more trust in a website using Extended Validation.

What are some common issues?

Mixed content—If a page shows both HTTPS and HTTP content, the HTTPS icon in browsers might look broken. You can fix this by using a plugin like Really Simple SSL for WordPress.

For a slow website, you'll need to use a caching solution. Test your website using PageSpeed Insights to get more detailed solutions.

Redirects with errors: Make sure the homepage and internal pages properly 301 redirect from the old to the new URLs.

Consider running a crawl using a tool like Screaming Frog SEO Spider https://www.screamingfrog.co.uk/seo-spider/ to check for issues like these. Slicedbread Agency can help with this process (and with the whole transition to HTTPS).

What are some reasons your website should not switch to HTTPS?

When switching to HTTPS, you might encounter technical errors—broken URLs, non-working redirection, forgetting to update some links, etc. which will make your website slower. This is the most important aspect; it does, indeed, make the site slower. The benefits (security & encryption) outweigh the costs.

Conclusion

To get expert help with the switch to HTTPS, reach out to Slicedbread agency and review additional resources. Despite some disadvantages, we still advise the switch to HTTPS for greater SEO optimization.