SEMrush, discover the complete beginner's guide for success. SEMrush is by far our favorite SEO…
Set up HTTPS: Instructions and tips
Safety first! The topic of website security has been on everyone’s lips since 2014 at the latest. This year, Google announced that the HTTPS protocol as a ranking factor can influence the ranking in the SERPs.
A functioning SEO concept should therefore – if it has not already been done – switch from HTTP to HTTPS. Please note the following points when setting up HTTPS!
Step-by-step instructions and control tool in one: anyone who does not yet have a security certificate on their website will find a how-to for setting it up here.
Those who have already made the change can use the post to check whether you have thought about the change in all parts of the website.
HTTPS – what is it?
The “http: //” in front of the domain in the address line of the browser should be familiar to many. A Hypertext Transfer Protocol is primarily responsible for transferring the data from websites to the web browser.
The Hypertext Transfer Protocol Secure also takes on this task, but transfers the files in a tap-proof manner.
While using variant one, the user cannot be sure whether his data will not end up with a hacker instead of with the website operator, transmission with HTTPS protects against such phenomena.
Initially, it was mainly online shops and sites that work with confidential customer data that made the switch to HTTPS. In the meantime, encryption has become a trust element for users and therefore also for search engines.
Many website operators rely on this secure form of protocol, especially since the corresponding certificates are available cheaply or even free of charge.
Which SSL certificate do I need?
The “S” in HTTPS stands for the SSL certificate (or TLS certificate), which is added to prevent data theft and data abuse. The certificates there are available with different scope and different security levels.
Depending on the risk of fraud on your website and the value you place on credibility and trust, you can choose the appropriate certificate.
Do’s & amp; Dont’s – measures for the conversion
There are numerous sources of error in the course of installation and configuration: Starting with the correct forwarding, a wide variety of references are also affected by the HTTPS switch.
Since the ranking factor website security is becoming more and more important for users and search engines, error-free implementation comes first.
Is your website accessible with HTTP and HTTPS? Then something seems to have gone wrong with the changeover! If the certificate is integrated, the older HTTP version must be redirected to the new HTTPS version with a 301 redirect.
Make the appropriate setting in the htaccess file on your server, although the commands required may vary depending on the provider.
If the forwarding has been carried out correctly 1: 1, you do not have to worry about major losses in ranking. Probably alternative variants with noindex or canonical attributes do not represent a permanent forwarding and should therefore not be used.
Forward image files
Not only will the individual pages of your website be converted to HTTPS, you shouldn’t forget resources such as images, PDFs or CSS files! Like the duplicate content (accessibility of the page with HTTP and HTTPS), mixed versions of the website (e.g. HTTPS page with HTTP images) should also be avoided.
Anyone who has done good preparatory work in the area of internal linking can now save themselves the effort. Relatively set links (that is, without “http://www.domain.de”) only indicate the path of the respective subpage and therefore do not have to be changed.
In the case of absolutely set links, it is necessary to edit each individual link and add the “S” to the log.
Canonical tag and hreflang tag
The canonical and hreflang tags are like the internal links: Absolute links require manual editing. With the hreflang attribute, it also depends on how the language versions were created:
- Like other subpages, language directories are converted with a 301 redirect.
- So-called wildcard certificates must be purchased for subdomains.
- If the language versions have their own TLDs, their own certificates are also required.
If you set up HTTPS on your website, it is important to create a new sitemap immediately afterwards. You can initiate the generation manually thanks to free online tools, then load the new sitemap onto your server and also submit it to the Search Console.
An error-free sitemap that contains all pages with the new HTTPS protocol can speed up the indexing of the new URLs!
Like the sitemap, the robots.txt also needs a small update after the website has switched to HTTPS. In the file itself, only the link to the sitemap may need to be corrected.
It is much more important to check whether the robots.txt can actually only be called up as an HTTPS version. Otherwise, unwanted crawling specifications can be passed on to the search engines.
Changing backlinks to the newer HTTP version makes the entire changeover a much bigger act, but should be implemented if possible. Contact the website operator and ask them to update the link – the adjustment is usually not a problem.
For directory entries, you can simply log into your account and edit the log in the link yourself. The extent to which this step makes sense depends on the size of your own page and the number of backlinks.
Don’t forget Google tools
Did you succeed in setting up HTTPS, adjusting all internal links and files? Then the final step is to note the change in your Google tools as well. The protocol change represents a change for Google Analytics as well as for the Google Search Console and Google My Business.
Start with the entries in Google My Business: update the noted URL in your profile and all locations!