Switching to a secure HTTPS connection: an algorithm that allows you to save traffic
The transition from HTTP to HTTPS is due to security requirements. Moreover, search engines insist that the connection be secure. This factor was even included in the ranking principles. Leading experts from Yandex and Google say that not a single user wants to “shine” not only their payment information, but also the fact that they interact with your resource. So the connection must be secure. But how to switch to HTTPS and not lose your position in the search results?
Let's open a simple algorithm that takes only a few hours.
What gives a secure connection?
Are the risks of traffic loss justified or is it better to leave everything as it is? No, it's still better to get the "green line" displayed in the browser. This “security signal” demonstrates that the connection is encrypted and cannot be intercepted by fraudsters from a third-party service.
This is especially important where there is critical confidential information - for example, in online stores or payment systems.
Transition: preparing and setting up
Before changing the protocol to HTTPS, you should change absolute internal links to relative ones. This means that http://webakula.ua/sajt-prostoe-reshenie/ will be referred to in texts as //webakula.ua/sajt-prostoe-reshenie/ or as /sajt-prostoe-reshenie/.
Scripts and remarketing codes are replaced with relative ones: with the domain name without specifying the protocol. Links to video and photo content are replaced with the same ones.
Choosing a security certificate
Free SSL certificates do not provide security. Browsers often read such a resource with an error. If you do not want to see warnings that "the certificate is not trusted", you need to choose paid certificates.
They differ in cost and degree of protection:
- Domain Validation, $10-30/year. Common certificates covering one domain name. Issued by any certification authority.
- Organization Validation, $40-$200. It confirms not only the domain, but also the organization, which means that the center can request a certificate of state. certification.
- Extended Validation, $120-$300. It implies extended verification: registration of the brand, correspondence of the physical address.
Certificates also differ in functionality: standard, Wildcard for subdomains, and SAN for a number of domains.
During the transition, you can actively use the help of hosters. But sometimes it happens that hosting has to be replaced, since not all of them support SSL certificates. If the hosting is replaced and the site switches to HTTPS, then it will still be available at the old address. Therefore, you will need to set up redirects.
The correct installation of the SSL certificate is checked by online services. One of the most popular is SSL Server Test, where you can also get recommendations for troubleshooting. Now your site is accessible via a secure protocol. It remains only to check the settings to save traffic.
Rules for setting up a site when switching to HTTPS
To change the protocol in Yandex.Webmaster, you need to send a request using "site relocation". You will receive a notification that https:// will appear in the line in the near future. But the mirrors are re-glued automatically: the process is lengthy and will not be accelerated. It is at this time that the issuance becomes unstable. The process of regluing mirrors can take more than a month, and in Google it is completed faster than in Yandex.
You should also update the line with the sitemap and robots.txt, replacing the host line in it. Now not only the domain name should be written here, but https: // domain name.
Then the site with the new protocol is added to the Google Search Console. Update the XML map, set the region, reload the Disawov Tool rejected references file.
After that, you can proceed to the most important stage: setting up 301 redirects. After that, all images and pages should open using a secure protocol.
It is very important to check all links, pages, language versions, and so on, so that there is no mention anywhere that “this connection is not secure”. It is also important to check the response codes of the page server: existing - 200, non-existent - 404 or 410. After that, it remains to wait for reindexing.
We expect the result: the site receives a secure protocol, and its visibility and traffic remain stable or even grow.
Keep in mind that search engines strongly recommend switching to HTTPS: secure data encryption is extremely important for users.