e-Commerce SEO Challenges of HTTPS
Name · Title · Dunn Solutions08/18/2016Dirk Lester · SEO Consultant · Dunn Solutions
Today’s Agenda
Dunn Solutions is a full-service IT consulting firmfounded in 1988
Raleigh, NCDelivery Training
Bangalore, IndiaDelivery
MinneapolisDelivery Training
ChicagoDelivery
Practice Areas
Application
Development• Portals
• eCommerce &
Content Managed
Websites
• Mobile App
Development
• Custom App
Development
• Search Engine
Optimization
Training
• Certified
SAP/Liferay
• Classroom, On-
site, Computer
Based & Virtual
• Mentoring &
Custom Training
Frameworks
• Accountable Care
Orgs (ACO’s)
• Corporate Legal
• Higher Education
• Optical Shop
Solutions
Analytics
• Analytics & BI
Platforms
• Data Warehouse
& Data
Integration
Predictive
Analytics
Application Development Practice
• Innovation
• Collaboration
• Customer
• Responsive Design
• Enterprise
eCommerce
Solutions
• Custom Software
• Custom Off-the-Shelf
• Assurity™
Methodology
• Business
• Consumer
• iOS, Android,
Windows
Portals
Custom Application
Development
e-Commerce & Content
Managed Websites
Mobile Application
Development
Analytics Practice
Business Intelligence
Big Data
Data IntegrationBusiness Analytics
Data Warehousing
• KPI’s and Metrics
• Dashboards
• Data Exploration and
Visualization
• Ad Hoc Analysis &
Reporting
• Data Mining
• Predictive Analytics
• Prescriptive Analytics
• R, AzureML
• Hadoop, MapReduce
• AWS and Azure
• Hive, Sqoop, Spark
• NoSQL
• Data Lake
• Columnar
• In-memory
• EIM (Data Integration
and Data Quality
• Dimensional Modeling
Search Engine Optimization Services
Initial Services
• Competitor Research
• Search Domain Audit
• Keyword Targeting
• SERP Landscape
Analysis
• Keyword Target
Recommendations
On-Going Services
• Site Architecture Optimization
• Technical On-page/Off-page
Optimization
• Digital Content Optimization
• Social Link Building
• Monthly Site Traffic, Rankings
and SERPs Reporting
Competitive
Audit
Strategic
Diagnosis
Tactical
Optimization
Tactical Adjustment
Google Algorithm
Shakeup
Tactical Adjustment
Strategic Results
Review
PartnershipsPartnerships
Selected Clients
Today’s Agenda
What is HTTP and what is HTTPS
HTTP stands for HyperText Transfer Protocol, it’s a simple way to send and receive text based messages
and it’s the most frequently used protocol on the web. It’s the kind technology that’s invisible because it’s
ubiquitous. Similarly, HTTPS stands for HyperText Transfer Protocol Secure. It’s the same protocol as HTTP,
but the text is encrypted using Transport Layer Security (SSL). So when you see HTTP in your browser’s
address bar it’s unencrypted and when you see HTTPS the connection from your customer and your
website is encrypted. Migrating to HTTPS and installing the SSL certificate that requires won’t change the
look of your site. But visitors will see their browser bar status change to indicate that your site is an HTTPS.
What Are the Benefits of HTTPS vs HTTP
It's so rare for Google to reveal its actual ranking factors that figuring out what they are is a
profession, so in 2014 when Google announced they’d be rewarding websites using HTTPS
encryption with higher search results it was surprising. But as rankings factors go, Implementing
HTTPS entails a few risks and some cost. Webmasters balance them out with benefits including:
More Referral Traffic Data
Using HTTPS Will Be a Rankings Boost
Gives You a Security and Privacy Boost
More Referral Traffic Data
Most e-commerce sites use a setup where visitors shop on HTTP and checkout on HTTPS. But
when traffic passes from a non-secure HTTP website to a secure HTTPS website, the referral
traffic data is stripped away. The traffic shows up in Google Analytics as 'Direct.' Which is a
problem because you can never quite tell where your most valuable traffic is actually coming
from. But once you have an all HTTPS site, all of your referral traffic information is preserved.
Using HTTPS Will Be a Rankings Boost
It’s been almost exactly two years since Google
introduced a real time rankings signal designed
to encourage site owners to migrate their
websites from HTTP to HTTPS that gave HTTPS
websites a comparatively small rankings boost.
When it was first rolled out it seemed to function
on a one vs one basis. Which just means that
whenever the algorithm had to decide between
two websites competing for the same position, it
would award the higher ranking to the HTTP site.
That said, just this week, we’ve actually seen a
fairly sharp uptick in the Google rankings of
HTTPS sites, indicating that they’ve cranked up
the importance of the signal. When asked,
Google said they hadn’t tweaked the HTTPS
ranking boost but that “no” usually means they
have.
Gives You a Security and Privacy Boost
If you’ve had any exposure to this topic, you’ve probably heard that HTTPS can only offer you an
advantage if your website uses sensitive passwords. But that isn’t really true. But even average
everyday, non-commerce sites, can benefit from HTTPS privacy and security in the following ways:
• HTTPS ensures that the website is the one the server it is supposed to be talking to
• HTTPS prevents Man-in-the-middle hacking, making your website more secure
• HTTPS encrypts communications, including URLs, so it protects visitor browsing history
and credit card numbers
SEO Best Practices for HTTPS Migration
You don’t need to be concerned when switching from your site from HTTP to HTTPS for the rankings boost.
Google was telling webmasters that it was safe to do so for years before their 2014 rankings announcement.
Unfortunately hat doesn’t mean that you won’t need to properly communicate to Google that you’ve
movedyour site fromHTTP to HTTPS and take these two steps to ensure yourwebsite’s trafficdoesn’t suffer.
Use Relative URLs for resources that reside on the same secure domain
Decide the kind of SSL certificate you need, single, use 2048-bit certificates and keep it up to
date
Use Relative URLs in Your Internal Links
There are two types of URLs that can be used in
internal links, Absolute and Relative. With an
absolute URL, you include the entire web
address of any page that you’re linking to in the
link. You literally hard-code your full domain, in
each and every link, http//www.site.com/topic.
That's using an absolute URL. Which presents
an obvious problem in the context of an HTTP
to HTTPS migration. Fortunately it’s possible to
code internal links as relative URLs instead. A
relative URL is just /topic. Essentially what that
does is rely on a visitor’s web browser to
assume that: This link is pointing to a page on
the same site we're on so I’m just going to go
there. So using Relative URLs simplifies your
redirects needs.
Use The Right, Up to Date, SSL Certificate
First, what is an SSL certificate? An SSL certificate is a digital public document that ensures that visitors
access the site they want to visit by demonstrating ownership. If you’re an e-commerce site owner, an SSL
prevents third party attackers from impersonating their website. For your customers, your SSL certificate
will establish a secure connection between their web browser and your site that protects information like
passwords and credit card details by adding a layer of encryption when their data is sent back and forth.
Use 2048-bit key certificates
SSL Certificatesare time sensitive, you’llneed to keep yours up to date or risk the above result
There are single, multi-domain and wildcard certificates, so you’ll need to get one that matches
your needs
SEO Challenges to Overcome with HTTPS
The main SEO issues we typically see after HTTP to HTTPS
migrations result from site owners neglecting to set the
HTTPS site as the preferred version and leaving the HTTP
version live. Because doing so means that there are as
many as four versions of a site online and that can result in:
Duplicate Content Penalties
Back Link Dilution
Search Engine Crawl BudgetWastage
Duplicate Content?
What do we mean by Duplicate Content? Well, onsite duplicate content refers to content that appears on
two or more pages of your website. Now, the best way to get into why duplicate content is bad is to explain
why unique content is good. It works like this: Having unique content sets you site apart. If you’re using the
same copy to describe your services as your competitors, Google has no basis to give your site a rankings
advantage. Having the same word for word text on a WWW and a non-WWW URL or an HTTP and an
HTTPS URL or all four URLs, diminishes the value of your content. Google doesn’t want to offer multiple
pages that repeat one another in results, so the algorithm looks for content that’s unique between competitors.
Backlink Dilution?
Google ranks your website based on two categories of factors. On Page factors, meaning your site’s
code + content and Off Page factors that vary but pretty much all boil down to Back Links. Which
means that basically every time someone links to your website by bookmarking it on del.icio.us or
sharing it onto their LinkedIn feed, Google gives you points for it. Unfortunately, having two or four
versions of site live means that different users will come across the different versions then share and
link accordingly. So the points for the links will be divided between two or four URLs rather than one.
Search Engine Crawl Budget?
There are three things to understand here. First, your site’s “Crawl Budget” equals the number of
URLs Google will crawl each time it visits. Second, Google ranks your site based on what it crawls so
the more it crawls the better your rankings will tend to be. Third in the same way that having
multiple versions of URLs after and HTTP to HTTPS migration can result in Link Dilution, it can dilute
your Crawl Budget. So having two versions of your site live will cut your Crawl Budget in half and
having four can turn 100 crawls per visit into 25 per, and that will impact you rankings proportionally.
Fixing For Your Post HTTPS Migration SEO Issues
Despite how often we encounter e-commerce websites suffering from particularly acute forms of all three
issues post HTTP to HTTPS migration, the tactics we employ to clean up the mistakes that caused them are all
on the technical side—which transplanted from SEO guy Greek means they’re all relatively easy to implement.
Deploy Canonical Tags Aimed at One HTTPS URL
Validate One HTTPS URL in Google Search Console and Bing Webmaster Tools
Use 301 Redirects to Aim Your Old HTTP URLs at your new HTTPS URLs
Update YourWebsite’s Robots.txt File and XML Sitemap with your new HTTPS URLs
Point External Links from Social Profiles and Local/Map Listings at Your HTTPS URLs
Deploy Canonical Tags Aimed at One HTTPS URL
Canonicalization may sound like it’s a training course for handling especially large projectile
weapons, but it’s actually a pretty important aspect of organic search engine optimization.
Getting canonicalization right will mean that Google will crawl more pages on your website;
it will consolidate PageRank and Link Authority and PageRank, which will give your site a
stronger backlink profile. It will also mean fewer broken links from other websites. Getting
canonicalization wrong (in the way Ricoh did in the image above) will mean the exact opposite.
Google Search Console and Bing Webmaster Validation
It may seem like I’m needlessly repeating myself here, but it is very important to understand that
http://site.com, http://www.site.com, https://site.com and https://www.site.com are really FOUR
different websites. So you’ll need to ensure that the HTTPS version of your website gets added to
both Google Search Console and Bing Webmaster Tools. And that in Google Search Console, you add
both the www and non-wwwversions. Then makeone of the HTTPS versions your preferred domain.
301 Redirect Your HTTP URLs to Your New HTTPS
Customer Name / 26
Many of the issues we’re seeing post HTTP to HTTPS
migration boil down to do with redirects. And that’s
because the change can be done at the registrar level, in
the server config, or even in a .htaccess file; all of which
have their own pitfalls. For instance, Apache servers use
302 redirects by default. Unfortunately, a 302 signals
the kind of “temporary” redirect you might use on your
site for an out of stock product. But a site migration
requires a 301 “permanently moved” redirect. So as
you go through and do your redirects, you’ll want to be
sure to check subpages, as well as the home page;
depending on how your site’s rules are written and
where they are placed, these can affect the redirects
differently. You’ll want to take a look at your URL’s status
codes and hops, not just whether or not they land on
the correct page to be sure things are working correctly.
Update Your Robots.txt File and XML Sitemap
I’ll start by defining my terms here. First,
robots.txt files are used by websites to
communicate with web spiders, to tell robots
which areas of your website shouldn’t be
indexed or displayed in search results—for
instance, the URLs where you login to its
backend. They also typically contain a link to
the location of your XML sitemap. So second,
an XML sitemap is a document submitted to
search engines that gives spiders a map of
your URLs, images and videos.
So obviously when migrate to a secure site
you’ll want to make sure that you update
both and re-submit your sitemap via Google
Search Console and Bing Webmaster Tools.
Point External Links at Your HTTPS URLs
Finally, you might that because your site is 301 redirecting your old non-secure
URLs to your new, search-friendly, secure URLs but that’s a less than ideal situation
in one instance … Your Back Links. You’ll recall that each back link pointed at your
website is worth a certain number of points toward your search rankings. Well,
when you use a 301 redirect you lose 15% of those points. So even though you
can never change them all, it’s worth your time to change the links back to your
site that you control, your branded social profiles and local search listings,manually.
- Unknown
“The best place to hide a dead
body is page 3 of Google
search results.”
Dirk Lester · SEO Consultant ·
Dunn Solutions
Questions & Answers