As part of the SEO work that we do for our digital marketing customers, we recently finished converting our remaining clients websites to HTTPS. Google has been pushing for property owners to secure their sites for at least a year and we’re getting to a point where Google is going to quit asking and simply throw the switch.
To obtain another point of view on the subject, I caught up with Patrick Stox who is the Technical SEO Lead for IBM. Patrick has been on the front edge of understanding HTTPS conversions for some time and published a great guide in a 2016 Search Engine Land article. If your organization hasn’t taken this on yet, you might want to continue reading.
Lance Fisher (LF): For the average business that’s out there, they’ve had an HTTP site forever. They’ve had no issues. They’ve had no consequences. They don’t receive money from clients [online]. Why on earth should they make the effort to become secure and go HTTPS?
Patrick Stox (PS): I’d say there are a lot of reasons. One is simply because you don’t want people injecting ads on your website. You’ve spent a lot of money to make your site look like what you wanted. This is happening more and more. Your own ISP, hotels, airlines, you’ll see ads on sites that don’t have ads. They’re actually able to inject that because they’re not secured end to end. Another reason is because Chrome just changed. You’re now seeing “not secure” on these websites. Next year, I think they’re going to make that a big red symbol. That’s going to be scary for a lot of people.
LF: So, Google wants it. Why are they pushing so much for this to happen? Why the big effort to make the web and make your site secure?
PS: I think a lot of it is to protect the world’s information. One thing people don’t typically talk about with HTTPS, is it prevents things like censorship. We’re not China yet, but there’s a lot of politics in the US right now. What if these websites or what if your ISP decides, hey, I’m all for Republicans so I’m going to change the content of your website to be more in favor of me.There is also the hijacking of connections. This actually happened in China. There were some stuff on GitHub that China wasn’t happy with, so they hijacked a bunch of connections and basically DDOSed GitHub for those pages to take them down.
LF: For IBM, 50, 60, 70 million pages, how on earth would go through the process of making everything secure? I guess I’ll start with is everything secure at IBM.
PS: No, not everything. We’re in the process. We actually just rolled out HTTPS in April of this year to the first section, which is a huge majority. Everything under www.IBM.com is now secure. It’s mainly a lot of the subdomains which might be on different servers or running applications that aren’t secure yet.
LF: Did you see any sort of drop off in rankings or any sort of enhancement in rankings? That’s the big scare for anybody who is going from pages that are making money for people, all the sudden you’re doing this new thing to your site. What did you guys find at IBM?
PS: Traffic was pretty normal. We actually saw an uplift, but it was probably because of how the data is connecting. When you go from a website on HTTPS to HTTP, which is how we had it before, you lose the referral value, generally. So that traffic would show as maybe direct in Google Analytics, or other platforms might show no referrer. It’s called dark traffic and they don’t know where it came from. Well, we do know where it came, you just dropped the referrer. So you get some of that data back, which is huge. You’re now able to have better attribution.
LF: Any final thoughts?
PS: People are really going to be scared with Chrome next year. You wouldn’t want a big red symbol saying “not secure” right? And it’s not that difficult. If that’s the only thing you’re doing, you can get free certificates, there’s all sorts of guides. Pretty much any system you’re on, you’ll find a process to make the change.
I’d like to thank Patrck for being so gracious with his time and knowledge. I always enjoy his thoughts and ideas. Feel free to follow him on twitter for anything SEO related.