SSL is a web encryption technology that provides visitors of your website with a secure and encrypted connection. It stands for secure socket layer. It’s an encryption standard that operates between the web server and the user’s web browser.
SSL safeguards any exchanged data and provides an added layer of protection – reducing data compromises caused by intrusion from hackers, criminals, or data-miners. In its early days, SSL was common among e-commerce businesses and websites where personally identifying information (PII) was exchanged. This included sites that asked for social security numbers or personal addresses. Today, SSL is much more widely used.
You can get an SSL certificate from dozens of providers now, and it’s more affordable than it was before. In fact, even free SSL certificates are available through Let’s Encrypt and similar services but with reduced functionality.
Google and other search engines remained quiet for years about whether HTTPS was a significant factor in their search engine ranking algorithms. While all the indicators suggested that it did indeed help, it was never publicly stated.
Matt Cutts, Google’s head of search spam at the time, was excited when the company announced a new option to exclusively search over SSL in early 2010. However, there was still no indication that SSL had managed to creep into their primary ranking algorithm.
Google – SSL is an influential rank factor
It wasn’t until late 2014 when Matt Tweeted that finally, Google was recognizing SSL as a subtle factor in SEO with potential to carry a heavier signal later on.
Matt stated, “HTTPS (HTTP with SSL/TLS) is now a very lightweight signal – carrying less weight than other signals such as high quality content. Over time, we may decide to strengthen the signal.”
The Tweet came just a day after “HTTPS as a ranking signal” was published on the Google blog.
As I write this, we’re now approaching 3 years since their post went live so there’s no telling whether the signal has already been enhanced. It’s likely that it has.
A shift toward HTTPS would undoubtedly be good for users as it means safer and better protected connections across the web. Security is essential in a world where breaches and intrusions are a likely possibility. SSL provides a strong standard in protecting the data of your users and preventing compromises.
SSL’s most obvious benefits:
- Faster page load times – Provides a better user experience. This is another search engine signal that has been publicly verified as a rank factor.
- Encryption – The data of your customers is safe and protected.
- Authenticity – SSL indicates your business is trustworthy and concerned about data compromises.
- Lower bounce rate/Higher conversions – Your customers care about SSL. A smart shopper will avoid sites without HTTPS. While the impact here isn’t substantial, this could grow overtime and as users become more aware.
If you’re accepting payments online, even through Paypal, Stripe, or another payment processor, it’s essential that you have an SSL certificate. SSL allows your customers to feel safe shopping with you. Often times, shopping carts will redirect the user to the payment gateway during the checkout process. There, the website will be secured through SSL. You know this, but your customers might not. They expect all website they interact with to provide the same level of protection, otherwise there’s room to start questioning if their data is really secure.
Some things to remember about SSL:
- Don’t block HTTPS from being crawled by spiders in your robots.txt. Allow search engine spiders to freely crawl your website and update your URLs.
- Use 2048-bit SSL key certificates.
- Decide whether you’ll need a single, multi, or wildcard certificate.
- When linking to an internal resource (a page on your own website) you may want to use relative URLs that don’t include http or https. This allows the server to redirect users appropriately and if you ever decide to discontinue your certificate, you won’t have to change all of the URLs on your website.
Most domain name registrars and shared web hosts provide SSL certificates that you can purchase and install easily. Keep in mind, pricing is typically higher when you buy through your host, and is sometimes higher through domain registrars as well.
To get the best deal, consider these SSL distributors:
Once purchased, you will have to install the certificate yourself. Most shared web hosts provide cPanel, which is the preferred control panel today. Installation is easy and takes only a few minutes. You may also be using the Plesk control panel, which simplifies the process as well. Plesk is the second most popular web hosting software.
If you own a VPS or dedicated server that runs Linux/CentOS as the operating system, you can use the free CentOS Web Panel. It’s not as powerful as cPanel, but it’s free and opensource. You could also consider another free and opensource alternative, such as iMSCP, ZPanel, Vesta, Froxlor, Sentora, or Webmin.
I’ve personally never considered anything other than cPanel, but the license cost to add cPanel to your own VPS or dedicated server can be pretty steep. In most cases, it would be cheaper to consider a provider such as CloudWays, where they offer a managed VPS from any of the most popular providers. It doesn’t come with cPanel, but their control panel makes it easy to run WordPress or any other PHP-based content management systems.
For under $35/year through most providers, SSL is a reasonably inexpensive purchase that offers far more than just SEO value. But with search engines acknowledging SSL as a rank factor, that’s just one more reason to secure up your site and provide visitors with the peace of mind.