A few weeks ago, I made the switch to SSL and now my website has a pretty green lock (and an https:// as well!) on it indicating my website is now secure. Why did I make this change? Well because people from the main organization I take SEO advice from said that they believe Google will sooner or later be looking at this as an indicator of rank and websites that take the plunge now, may benefit later. So they actually set up a cool way for websites to make the switch but we’ll get to that later.
1) Let’s actually get the definition out of the way. SSL. What is it?
Secure Sockets Layer is the full term but honestly, what does that even mean? As someone who is new to this topic, I can’t really go too deep into it and I’ll admit that my knowledge on SSL is limited, but it is enough to know how to get it done and that it is important for ranking, so all I’ll say is this:
My understanding of this is that a secure site is essential to ANY website that has a checkout cart.
If you have a Paypal button, sell anything eCommerce related and require that people enter their personal info and even things like email, then a secure site is necessary and also, many programs dictate that you must have it before selling things on your page.
Furthermore, an https:// which is what your site’s URL changes to once it’s secure vs a regular http:// has a more unconscious/subconscious (I don’t know the difference, use the know which makes more sense contextually…) reaction in our minds. I have gotten used to doing business on websites that have the https:// on it because it represents security to me.
And when it comes to security and https:// has less chances of maleware or any other bugs going into your page. This is one of the reasons why people naturally trust secure websites more than regular ones.
Now let’s talk SEO. What is the evidence that it can affect Google ranking? Well they said it themselves…
Here is the following title and a small snippet taken from one of Google’s pages:
It’s hard to put up the whole article, but I’m going to do something unorthodox, I’m going to link directly to that article here so you can read it yourself (though I will summarize it now).
Basically in the article, Google started looking at https:// as an added ranking metric nearly 3 years ago. Although there were no mandatory recommendations for all websites to change to this, the fact is, it has been used and considered to be looked as a metric for ranking.
Plus I have heard from at least 3 people I personally trust with SEO that their traffic grew after switching their sites to an https:// format.
Now while it is still anecdotal, I honestly do not see any reason to dismiss this is a testing period and truly believe that sooner or later, all sites that move to being secure will have a stronger influence within Google.
It is absolutely true that they seek great content, but with an additional security on top of that, why would it hurt to have that on your site?
It was this evidence and recommendations that eventually had me switch it up and this brings me to…
How to make your site secure (SSL friendly):
Right now if you have a website, odds are if you type the URL, you will likely see the following icon:
Also I’d like to note, this is an OLD website I haven’t touched in awhile, haven’t updated at all, and guess what…it got hacked…
Now I will say that your website can be safe from hackers even if it is NOT SSL friendly, you just need to keep all your plugins updated basically, but this would likely NOT happen on a secure site to begin with and after writing this article I will begin the long process of trying to resolve this nonsense on that site…
Anyway back to the point…as long that icon I mentioned is present, your connection is not secure and the key (pun intended) is to make it so. Once you do the icon will change from that i with a circle around it to a GREEN lock.
This is what it will look like:
So how do you make that change?
Well I only know of 3 ways. I’ll start from the more complex one, into the expensive but convenient one, then the cheapest, most convenient one.
Option 1: Set it up yourself.
First you need to have a website and hosting, but that hosting has to be on what’s known as a separate server meaning your IP address is on it’s own individual address. It’s like having private property.
If you don’t have it, you will need to buy it (the separate hosting).
Then your job is to buy what’s known as the CERTIFICATE that gives you the ability to turn your site into a secure page.
I don’t know if domain registrars sell them or not, but I have seen the price to be about $50 a year for one per site. And the hosting itself can also be around $5 a month, so you’re looking at over a $100.
Once you buy the certificate, you need to basically confirm you own your website through whatever area you purchased your certificate through by entering and/or copying/pasting a code they give you.
Note: These instructions should not be mistaken for detailed instructions. I am not an expert in setting up SSL, but I can give you the bits to go and do it yourself.
Once verification is made, then you can activate it and your site will change from http:// to https://.
Option 2: Pay an “expert” to do it. Price $100-$200.
That price range is based of a conversation I had a with a friend who said he made his site secure after hiring someone to handle all the coding of that.
Basically take the normal price of option 1 and add the professional set up of option 2 and you have the total price here, several $100 at least…
Option 3: Buy and/or host your website on Wealthy Affiliate, press a button and it’s done for you.
Basically, it’s included FREE when you host there, so no crazy prices and need for certificate buying/set up.
This is the only option I used and I found it to be the most convenient. Basically Wealthy Affiliate, while being mainly an educational program for online business is also a domain registrar that includes hosting.
- If you own a domain, you can move it there.
- If you don’t own a domain, you can buy it there through it’s “Site Domains” option for a flat yearly fee and they don’t jack up the prices every year after that like other registrars do.
So basically what happens here is that if you have a website hosted on Wealthy Affiliate, an option to make it SSL is available at the push of a button. Here is how it looks:
And once I hit the on button, I made a before/after image of what my site looked like…
And bam, with literally one click of a button, I had a fully made https:// secure page up and running. And I didn’t need to pay anyone big money or figure it out myself.
Now to USE this feature, you need to be a premium member of WA which is $49/month. However, with free hosting for up to 25 sites and each one having free SSL for life, the savings are astronomical short and long term, and again, there’s also training to make any website you create make money so there’s a lot.
Ever since that feature came out, I have moved all of my major websites, including this one to SSL and it has been an absolute breeze doing so. Most people are still stuck on options 1 and 2 unfortunately who aren’t members. It’s just a move most places have not yet recognized and made easy for the general public. WA however has and I’d take full advantage of it as it’s readily available.
Troubleshooting: Sometimes activating SSL may not make your site secure. What to do then…
In certain cases, you may find that just by making your site secure only makes one, a few or even most pages secure, but if 100% of your site isn’t FULLY secure, then neither is the whole domain.
How to check your site’s SSL certificate (If it is fully secure or not):
While there are several places to check, the one I know is whynopadlock.com (indicating that green lock icon I spoke about and showed). Check your site there. If you set up SSL but it doesn’t show as being secure on that page, then it’s time to figure out why…
Now, for a moment, I have to bring it back to options 2 and 3 above…
Option 2: If you have an expert do this for you, you won’t have to worry about this.
Option 3: WA has free added support to help you with this if your page isn’t fully secure. They’ll basically help out like an expert would, but for free.
BUT, should you be stuck in option 1, where you are the one who set it up and things didn’t go your way, there are in my experience 3 reasons this can happen:
Reason 1: You just didn’t complete/confirm your certificate correctly. In that case, have someone from the place you purchased you certificate from walk you through it and redo all the steps necessary.
Reason 2: You may have an image or several on your site that are externally linked to an unsecured page and/or your images may have been uploaded in a way that makes them unsecured.
This option is probably the most complicated “looking” to fix, but it is still easy to do so. First you need to identify if indeed it is the image that needs to be changed. To do this, visit your website LIVE as it shows up to the public.
Then on any part of the site that isn’t a link, right click and select “inspect”. Then select “Console”. This will show you where on the page there is a unsecured image located.
If you have say 3 images on a page and the console options shows that image 2 is unsecured (it’ll show as http:// and that’s how you’ll know), your job will be to log into your site, whether through the dashboard or cPanel, whatever option you use and change the URL and/or code of the image and add an S right next to http:// so it becomes secured.
That would apply for just the 1 page where you inspect where it’s unsecured, you’d need to do that for every single page to be sure the whole thing has the green lock. With sites that have a small amount of pages, this isn’t a problem, for larger pages, you may need to think about hiring someone to figure this out if you encounter this problem and/or maybe transferring your site over to WA hosting so their support can help you resolve it.
This kind of stuff sounds and looks complicated but honestly, if you do a YouTube search on it, you should get great instructions you can follow, so with that said, don’t worry too much about this.
Reason 3: It’s your theme.
If the first 2 reasons fail to deliver a FULLY secure site, then it’s time to consider a theme change. Such was the case with me when my theme was the last obstacle between me and a secure website and ALL I had to do was change it.
In fact. the ONLY reason I had discovered my theme was the issue was that site support from Wealthy Affiliate told me they made the required changes to my site, but there was some sort of specific doe in my template that could not be changed to accommodate an SSL certificate, thus I had to change it to make it work and so I did.
Now I don’t know if there is a list of themes which are SSL friendly or not, but in my case, I switched to an Eleven40 Pro theme and BOOM, my site had the pretty padlock on it.
My final thoughts:
This is a topic that scared me when I first heard about it. Enabling SSL sounded like I was changing my whole website around but in reality, it’s just adding another SAFE, layer over it.
Once you make the switch, you can elect to let Google know through Webmaster Tools that you did this, but in my experience this is optional.
In other words, if you use webmaster tools for your site, you can leave it alone and the changes will be seen by Google on their own.
If you have rankings on your site, everything will automatically switch and your rankings will stay the same and/or rise depending on the switch.
Either way, switching over to SSL can only benefit your site in the long run and it’s something I’d do while it’s still a fresh assumption that Google is looking at for ranking.
But besides just the ranking thing, consider that people will also look upon your site from a more trusted view and that can only help your business/authority grow and if that happens, surely Google’s trust will also follow it, so it’s only going to help you!