HTTPS in 2017 – The Ship Is Going To Hit The Fan!
I have some great news for you!
In 2017, SEO is going to get even simpler! (I know, it was simple already :>)
Woo hoo, let's all do a little dance.
Sorry, I was only joking. I hate dancing. (Aussies can't dance anyway - remember, we were all criminals exported from the UK)
Let me actually tell you the truth.
Things just got a little bit more crazy on the SEO, HTTPS and WordPress front.
WHAT? Haven't you been paying attention?
Or maybe, you just don't give a ship about all this tech stuff?
In 2017 that might change my technophobic friend.
For you and for me. Yes, we are both in this ship together! Down the creek without a paddle...
(look at the URL of my website - IT IS NOT HTTPS EITHER!).
HTTPS and SEO - Where It All Started
Can you believe it all started with Google?
Back in 2014 Google made serious moves to add HTTPS as a ranking factor in search.
Here's the infamous Matt Cutt's tweeting about it:
What does that mean for non-gobbledygook speakers (aka non-seo people)?
If your website is HTTPS then Google might give you some love! And we all enjoy some lovin' from Google, right? 
Moves our websites up and up in the rankings and gives us more free traffic from search.
Don't you just love free search traffic, instead of paying for ads? (that was another recent rant of mine).
But then in September, things got a little more serious...
Https and Chrome Are Buddies - AKA Taking HTTPS To The Next Level
So, where was I...
Oh yeah, back in September, Google rather quietly announced (imagine this in a hushed tone):
Starting January 2017, Chrome 56 [version] will label HTTP pages with password or credit card form fields as "not secure," given their particularly sensitive nature.
- Mr Google.com
Did you catch that?
Starting in January (aka next month), "THE GOOG" is going to show Chrome users a big ass "insecure" sign on your front door.
Remember, Chrome is the world's most used browser - at 56%. Yes, everyone except my Dad is using Chrome.
Are you accepting credit cards or asking users to enter passwords?
This is what it will look like in January (see that BIG RED Not Secure sign) :
OUCH!
Not sure I want one of those on my website, do you?
But Wait There Is More...
Just like a late-night TV ad, there is more good news, and it ain't a set of steak knives!
Google is not stopping with web pages containing passwords and credit cards - that is just the beginning of this merry dance.
In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.
- Google.com
WOOOAH....see that last sentence: "Eventually, we plan to label all HTTP pages as non-secure."
Translation: if you don't have https, all your pages will have that nasty red label in chrome.
AT SOME POINT IN 2017 (is my guess).
Now WordPress Wants To Party -HTTPS Style
Google starts the ball rolling, and now everyone is jumping on the HTTPS train.
This is what inspired me to write this post actually (yes, I don't have a muse sitting next to me).
WordPress is now making a move towards encouraging (aka pushing) HTTPS.
It is not clear exactly what they will be doing, but here is what their boss (Matt's his name) said on December 1:
First, early in 2017, we will only promote hosting partners that provide a SSL certificate by default in their accounts. Later we will begin to assess which features, such as API authentication, would benefit the most from SSL and make them only enabled when SSL is there.
- Google.com
Cutting through the tech-speak for you: WordPress are encouraging HTTPS and are slowly going to enforce it on developers who wish to work with them.
Who knows what the final version of this move will look like, but things have just gotten even more serious in the HTTPS game!
Just watch this lass, she is HTTPS savvy!
WOOT! (Man, where do people get the time to learn this stuff!)
Should We All Move To HTTPS
Alright, you only ask difficult questions. Damn you!
First let me explain a few things first...
Understanding HTTPS - Just A Quick Rundown (I Promise)
HTTPS is all about SSL certificates.
When anyone talks to you about HTTPS it can get confusing, so here are the cliff notes:
- HTTPS is just the letters that appear in the browser at the start of the URL (web address)
- SSL stands for Secure Socket Layer, and refers to the technology that helps make the web secure by encrypting traffic between a website and your browser
- You need an SSL certificate in order to use SSL and move to HTTPS
- Many hosting companies are now providing these for free, or next to nothing, because it has become cheaper (my host does and so might yours, just ask!)
Moving To HTTPS - How Can You Do It?
Moving to HTTPS can be quite simple, if - you use WordPress and have a simple site (not so many pages).
OR, it can be a little more complex - if you don't.
There are a few steps to doing it the easy way, and lots more pain and frustration if it does not go well. (your site might break for starters! I am sure you will enjoy that.)
So, I don't recommend it as something you take lightly. (despite some people having it easy)
(HINT: I have not done it yet because it can go horribly wrong and might take me days to fix).
I am not here to tell you how to do it, because I have not (and I don't like pretending to be a doctor on the internet).
Instead I will point you to a few reputable people who have and know what they are talking about.
If you are not "technical" (unless you are severely strapped for cash) I don't recommend doing this yourself as the results can be disastrous.
Here are the posts worth checking out:
- Sugar Rae Hoffman gave it a go back in July and can tell us a thing or two about it
- Yoast has a useful guide on it
- The pros at Authority Hacker who I generally listen to have a great podcast on their experiences
- This guide to HTTPS migration at Kinsta is one of the most extensive I have seen
There are loads more guides on Google, just check out Google.com (and type in "migrate to https wordpress" or not WordPress, if you don't use it - Seriously, no WordPress?).
Am I Going To Move To HTTPS?
I honestly don't think I have a choice.
Can I be bothered?
NO
I have better things to do than screw around with my website and perhaps break it.
But, the push is there both on the Google/SEO front and on the "not scaring away my customers" front.
It seems like we have a little time as HTTPS is only going to affect credit card payments and passwords in January.
But, the clock is ticking!
Look, here is a watch you can check...
About the Author Ashley Faulkes
Ashley is obsessed with SEO and WordPress. He is also the founder of Mad Lemmings. When he is not busy helping clients get higher on Google he can be found doing crazy sports in the Swiss Alps (or eating too much chocolate - a habit he is trying to break).