Why You Should Switch to HTTPS Now

Published September 22, 2017
Website security is an issue that is increasingly finding its way into the mainstream spotlight. From data breaches to WordPress hacks, most websites have found themselves wrestling to correct a problem related to security. We’re at a point where all businesses must look for ways to improve security for themselves and their users.
There are numerous ways that websites and online data are vulnerable, and while it’s important to consider everything from malware intrusions to server side risks, one opportunity that every website should be considering at this point is a secure protocol.
In this article we’ll go over the many reasons why switching your website to HTTPS should be on every business owner’s short term agenda. But first, let’s start by defining the nature of this protocol itself. 

What is HTTPS?

HTTP stands for Hypertext Transfer Protocol and the added “S” in HTTPS stands for “secure.” With this protocol, communication is encrypted by Transport Layer Security (TLS) or, previously, a Secure Sockets Layer (SSL). As Wikipedia explains it, “HTTPS provides authentication of the website and associated web server with which one is communicating, which protects against man-in-the-middle attacks.” Historically HTTPS has been enacted to protect user privacy during data exchanges, specifically financial transactions. However in the last decade we’ve seen the use of HTTPS become more widespread and common among all pages of a website to provide added levels of protection for both users and the site’s themselves. There are a few different ways that HTTPS can make a website more secure.

Security Protections

Even when sensitive information is not being exchanged, on a standard HTTP connection user behaviors can be tracked and aggregated to reveal information about user identities. On HTTPS, user activities are better protected from outside parties looking to gather and utilize identifying information. In addition to increased privacy, HTTPS can help prevent external intrusions like the injection of malware into user communications. There are also less nefarious, but still undesirable, manipulations of a non-secure transfer protocol like the injection of ads into web pages where they shouldn’t be. Using encryption will make that impossible. HTTPS also helps protect data integrity and authenticates that users are in fact giving their information to the intended recipient website.

There are certainly limitations to the protections provided by HTTPS; for example, it cannot eliminate persistent attacks or network hacks. But, the data encryption created through a secure transfer protocol protects both the website and its users from external interference to the traffic between their browsers and the website while also improving overall user privacy.

Data Advantages

In the past we’ve discussed understanding direct traffic in Google Analytics. One of the murkier aspects of direct traffic is the way that traffic coming from a secure source to a non-secure page can be attributed to direct traffic. The nature of this security is that when traveling from an HTTPS source to an HTTP one, the browser should not report where it has been, and therefore even organic traffic may be attributed as direct. This discrepancy may skew our understanding of traffic volume by channel. But moving to HTTPS will preserve secure referral information, which will provide a more accurate picture of where visitors are coming from.

SEO Advantages

One of the more popular reasons for changing from HTTP to HTTPS in recent years has stemmed from Google’s announcement that sites using HTTPS might receive a rankings boost. While the Google statement indicated this would be a minor ranking factor, when it comes to organic positioning, any advantage, no matter how small, is worth the effort in the long term. That news came out about two years ago, meaning that there has been plenty of time for more websites to use HTTPS and allow the industry to analyze the results.

In a recent study of ranking factors, SEMRush found that 65% of domains ranking for the high volume keywords they studied are using HTTPS. This insight is not, on its own, definitive though because there are several other ranking factors that contribute to these positons. It does however support a strong correlation between organic search performance and the use of secure transfer protocol.

While the process of switching to HTTPS isn’t necessarily difficult, it does require meticulous attention to detail, and considerations of everything from CSS elements to page speed as part of the implementation process. But for the potential organic search performance enhancements, as well as other benefits, it is a change worth considering, particularly if there are other major structural or design related changes happening.

Chrome’s Form Warnings

Finally, another recent Google related announcement adds an additional impetus to switch to HTTPS. In August of 2017, Google sent emails through Search Console, notifying webmasters that beginning in October of 2017, Chrome would begin showing a “not secure” warning to users who were entering information into a form on HTTP pages or visiting HTTP pages in “incognito mode.”


Chrome Warning about HTTP Security


Even though HTTPS use has been a security standard for the exchange of password or financial information, a simple contact form or email opt-in on a non-secure page has not been flagged. While the warning itself will consist simply of a “Not Secure” label alongside the URL in the URL bar, its very existence could deter some users from proceeding with inputting information. Considering the importance of form completions and email acquisition as part of ongoing marketing campaigns, this change could be counterproductive to those efforts.

Aspects of AMP Require HTTPS

The growing popularity of mobile search gave rise to the introduction of AMP pages. AMP stands for Accelerated Mobile Pages which is a Google supported open source initiative for content delivery. The idea is that AMP allows publishers to serve content more quickly on mobile devices. Specifically this mobile-friendly content loads almost instantly for a better mobile user experience.


Google AMP Project


We are seeing the growing influence of AMP as it pervades search results. According to there are already over 1.5 billion AMP pages published, and content management systems and analytics programs are embracing this as a new standard. Given this assimilation, AMP is likely to continue to play an important role in mobile content delivery. The fact that many URL values in AMP require HTTPS is another supporting argument to move to a secure transfer protocol.


Website security may feel like a matter best left to the developers, but the issues and opportunities associated with secure transfer protocol affect an entire organization from the CEO to the content writers. While any one of these reasons might be enough to support an eventual move from HTTP to HTTPS the combination of all of them creates a greater sense of immediacy. There are multiple levels of the protection, prevention and benefit associated with implementing a secure transfer protocol. Considering the current and potential future advantages to having a secure website, making the move as soon as possible is an action item that belongs on everyone’s to do list.


When the client first came to you, you talked up the value of Google Analytics. You emphasized the importance of seeing where your traffic was coming from. You went on and on about how Google Analytics can show traffic sources to pinpoint whether people came from search, social media or a specific site referral, and how valuable this data was. You sold them on it, so much so that your client looked forward to receiving that first report, the magical day when they would finally understand where visitors were coming from.
But then the report came, and it looked like this:



It showed that 10% of your client’s traffic came from “(direct)/(none)”. What does this label mean? How do you explain Direct traffic to your client? Better yet, how do you explain “none”?
Let’s take a closer look at understanding Direct traffic in Google Analytics and how we can address it with clients.
Digital marketers spend a lot of time focused on PPC and SEO campaigns in order to drive desirable traffic to a website. The phrases we’re ranking for and bidding on get meticulous attention, so much so that we often forget about some of the other ways that visitors find us.

We put a tremendous amount of the effort we put into reviewing organic search data and PPC campaign performance in analytics. But how closely do we monitor referral reports?

If that’s not a channel you review regularly, you may be missing out on seeing traffic that is coming directly from links you’ve obtained around the web, local business listings, news mentions, and more. Many times, links are only considered as a means to an end, a metric that Google uses in determining how to rank sites in the SERPs (search engine results pages). But the fact is, many of a site’s links may be directly contributing to its traffic.

In this article, we’ll review how to look at referral reports in Google Analytics, and some of the many ways to use that data to better inform your web marketing decisions.


Remember how your mom told you not to stand too close to the television because it might hurt your eyes?

The same rules can apply to data. If you’re too close, you may miss the patterns and trends that are crucial to understanding your website’s performance. You can’t judge a site’s performance looking at data in the bubble of a single day, you must consider any day’s traffic compared to the days before and after.

Google Analytics makes it fairly easy to analyze trends over long periods of time. But it also allows you to stand right in front of that TV, to look at more granular levels of time, right down to the hour.
There’s a better way to get that close to the data, without burning your retinas. We’ll cover how to analyze traffic effectively in today’s post.