In March 2014, Matt Cutts stated at the SMX West that site security was going to be a ranking factor and that they were giving more considerations to sites working with HTTPS. Websites using SSL (Secure Sockets Layer) encryption get a ranking boost compared to sites using TLS (Transport Layer Security). HTTPS websites ranking signal is not as strong as quality content for example but it still matter for Google.
A study has shown that 20% of first pages in the SERPs are now HTTPS websites. But when it comes to updates, there are also drawbacks.
What HTTPS means for your SEO
- 301 redirects
When switching your basic HTPP to an HTPPS website, in most cases, this change comes with many 301 redirects which means you are facing a loss of link equity. Unlike Google said, moving to HTTPS can lead to a loss of rankings and have the total opposite effect of what you were expecting.
Even if in many cases, this change is going well, it can be a tough job to do. Moz has stated that when they updated their HTTP to an HTTPS to be more secure, they met a loss of 9% in their organic search traffic.
- referral data
With HTTPS comes a loss of referral data. Actually, you can get information about the source of your traffic. If a site sends traffic to another one, you can access data on where this traffic comes from. This has a beneficial impact for your SEO because most of the time people will want to see where their traffic is coming from and will click on your website when checking their analytics. But this technique has been used too much by spammers who used it for referral spamming.
This is not working anymore when the traffic comes from an HTTPS site to a HTTP one. You will not have access to the referrer data anymore and so will not know where the traffic is sent from. This is translated by the “not provided”.
Be also careful with you rel=canonical, external linkings, etc. If you need all the details of the impact of HTTPS on your SEO, you can check this article from Branded3.
How the meta referrer tag can help
Moving to HTTPS is a fact. Security has largely become a criteria to rank well so you can’t avoid it. But to avoid this loss of referral data it exists a simple trick to install, it is call the meta referrer tag and let you control your referrer information.
In other words, you can still take advantage from the HTTPS and from the referrer data but in a more secure way. Traffic stays encrypted but you can pass this referrer data to all websites even if they are under HTTP.
Moz have shared the HTML code on how to implement it in your <head> section and the 5 differents ways to control how browsers are sending the information from your site:
- None: Never pass referral data
<meta name=”referrer” content=”none”>
- Unsafe URL: Always passes the URL string as a referrer. Note that if you have any sensitive information present in your URL, this isn’t the safest option. By default, URL fragments, username, and password are automatically stripped out.
<meta name=”referrer” content=”unsafe-url”>
- Origin Only: Sends the scheme, host, and port stripped of the full URL as a referrer, i.e. https://moz.com/thispage.html would simply send https://moz.com
<meta name=”referrer” content=”origin”>
- None When Downgrade: Sends referrer information to secure HTTPS sites, but not insecure HTTP sites
<meta name=”referrer” content=”none-when-downgrade”>
- Origin When Cross-Origin: Sends the full URL as the referrer when the target has the same scheme, host, and port (i.e. subdomain) regardless if it’s HTTP or HTTPS, while sending origin-only referral information to external sites.
Originally published on the OnCrawl blog. If you liked this piece, you might also enjoy this one.
