HTTP vs HTTPS: it’s a decision every website owner has to make.
You may have noticed that some website URLs begin with HTTPS while others begin with HTTP. What’s the difference and which one is better for SEO?
That’s what you’ll discover in this article.
- #1. What Is HTTP?
- #2. What Is HTTPS?
- #3. HTTP vs HTTPS – What’s The Difference?
- #4. What Are The Advantages of Using HTTPS?
- #5. How To Switch From HTTP To HTTPS
- #6. SEO Considerations when Switching to HTTPS
- #7. How to Force Websites To Use HTTPS
- How Much is an SSL Certificate?
- Conclusion
- More Articles About SEO
#1. What Is HTTP?
HTTP stands for Hypertext Transfer Protocol. It was created by Tim Berners-Lee in the early 1990’s, when the Internet was still in its early stages.
So what exactly is HTTP?
Well, without getting too technical, it’s a network protocol that allows web browsers and servers to communicate with each other through the exchange of data.
But there’s a problem with HTTP.
And that is that the data sent and received is not encrypted. It can be intercepted by third parties and potentially altered, making both the information itself and the information receiver vulnerable.
#2. What Is HTTPS?
HTTPS stands for Hypertext Transfer Protocol Secure.
The ‘Secure’ part of HTTPS refers to the fact that data is transmitted securely, either through a Secure Socket Layer (SSL) or through Transport Layer Security (TLS).
Put simply, HTTPS is HTTP with an added layer of security.
HTTPS encrypts data
With HTTP, information flowing from server to browser is not encrypted. That means any data you enter into a form on a website site (e.g. username, password, credit card or bank details) will be sent as plaintext. It can therefore be intercepted and used by third parties.
But with HTTPS, data is encrypted before being transmitted. Even if someone were able to intercept that data, it would mean nothing to them because the information has been turned into code.
HTTPS and SSL/TLS
Adding an SSL (Secure Socket Layer) certificate to your website is what turns the HTTP part of your URL into HTTPS.
Although people still call it SSL, the latter has now been deprecated and replaced by TLS (Transport Layer Security). TSL does the same as SSL: it encrypts data and authenticates connections between server and browser. But it’s much more secure than SSL was.
#3. HTTP vs HTTPS – What’s The Difference?
In most browsers, a website that uses HTTP will be marked as ‘unsecure’.
In Google Chrome, for example, an HTTP site is labelled ‘Not Secure’:
In Firefox, an HTTP site will be marked by a padlock icon with a slash through it:
In both cases, the visitor is being warned that the site is HTTP and therefore not secure.
So the difference between HTTP and HTTPS comes down to an SSL certificate: one of them has it and the other doesn’t.
Here are some technical details about the difference between the two protocols:
- HTTP sends data over port 80 while HTTPS uses port 443.
- HTTP operates at application layer, while HTTPS operates at transport layer.
- HTTP doesn’t require domain validation, whereas HTTPS requires at least domain validation and certain certificates even require legal document validation.
- There’s no encryption in HTTP, whereas with HTTPS the data is encrypted before sending.
#4. What Are The Advantages of Using HTTPS?
The main advantage of HTTPS is simply having a more secure website. If you use WordPress, for example, your user name and password will be more secure with HTTPS.
Here are some other advantages of using HTTPS:
- Build trust with your website visitors because your site is secure – in a study carried out by GlobalSign, more than 80 percent of respondents said they would abandon a purchase if there was no HTTPS in use
- Improve your website’s SEO – in 2014 Google announced HTTPS as a ranking signal.
- Better data in Google Analytics – HTTPS preserves referrer data whereas with HTTP, referral sources will just appear as “direct traffic”.
- Eligibility for AMP (Accelerated Mobile Pages) – AMP is a stripped down HTML created by Google that produces fast-loading mobile versions of web pages. But to be eligible for AMP, you need to have an HTTPS website
#5. How To Switch From HTTP To HTTPS
Here’s a list of things you should do when switching from HTTP to HTTPS:
- Decide which type of SSL certificate you need/want.
- Install and configure your SSL certificate on your hosting account (most times, this will be done for you by your
web host ). - Make a backup of your entire site so that you can return to the HTTP version if necessary.
- Change any hard internal links from http to https
- Update your robots.txt file so that it includes your updated sitemap
- Update Javascript and any third party plugins
- Update your CDN (Content Delivery Network) SSL settings
#6. SEO Considerations when Switching to HTTPS
Switching to HTTPS is a big plus for your SEO. But your URL changes when you switch to SSL, so there are some things you to do to protect your website’s current SEO:
- Notify Google (in your Google Search Console account) that you have switched from HTTP to HTTPS.
- Implement 301 redirects throughout your site on a page-by-page basis: this will ensure that the link juice from your http pages transfers to your https pages. This will ensure you don’t lose any SEO strength your website has accumulated.
#7. How to Force Websites To Use HTTPS
Even after you have installed an SSL certificate and converted your website to HTTPS, other websites will still be able to access your website using the HTTP protocol.
However, it’s better for both you and your visitors, if they only access your site using the HTTPS protocol.
And luckily, there’s a way to force all your website visitors to use the HTTPS version of your website.
Here’s how to do it.
- Go to the File Manager on your
web host and open the .htaccess file, which you’ll find inside the public_html folder. - Within the .htaccess file scroll down until you find a line of code that says: RewriteEngine On.
- Then, insert these lines of code (marked in red) immediately beneath.
RewriteEngine On
RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
If you don’t feel confident doing this, your
With that code added to your .htaccess file, all visitors accessing your site will be forced to use your SSL certificate (i.e the HTTPS version of your URL).
How Much is an SSL Certificate?
The cost of an SSL certificate depends on the level of assurance that the certificate conveys. There are three levels of assurance in SSL certificates:
Extended Validation (EV) SSL
This is the highest level of trust assurance an SSL Certificate can have. Prior to a Certification Authority (CA) issuing an EV SSL, your website and business will be subject to a strict vetting process. This is why this kind of SSL is more expensive than the other two.
EV SSLs can range in price from $100 per year to $900 per year.
Organization Validated (OV) SSL
This SSL Certificate carries a medium level of assurance. With this certificate, a Certificate Authority (CA) will verify that you own the domain and will conduct some organizational vetting.
OV SSL certificates range in price from $35 per year to $350 per year.
Domain Validated (DV) SSL
This SSL certificate has the lowest level of assurance. It provides the most basic form of encryption and only establishes domain ownership.
DV SSL certificates range in prices from $9 per year to $200 per year
If you’re wondering why SSL certificates with higher levels of trust assurance are more expensive, the reason is the vetting process: it has to be done by humans and the more expensive the certificate, the more thorough the checking process.
Conclusion
HTTP is steadily being phased out across the Internet, in favor of HTTPS. If your website doesn’t already use HTTPS, you should seriously consider getting an SSL certificate.
If you’re still weighing up HTTP vs HTTPS, the two most important considerations are (1) trust and (2) SEO.
HTTPS increases the trust visitors have in your website. And that’s vital because trust is everything on the Internet.
The second consideration is SEO. If you rely on traffic from the search engines, then an SSL certificate is absolutely essential, since Google has made the presence of HTTPS a ranking signal.
More Articles About SEO
- Search Engine Visibility – 23 Valuable Tips For More Traffic
- Stuck on Page #2 of Google – How To Get Out in 7 Easy Steps
- How To Rank for Multiple Keywords and Triple Your Traffic
- 13 Types of SEO You Shouldn’t Ignore in 2022
- Choosing a Domain Name for SEO – 10 Tips For Getting It Right
- SEO Recipe For Success – The 7 Key Ingredients For Ranking Well
- What Is SEO? An Introduction to Search Engine Optimization
- Seven Google SEO Trends To Watch For In 2020
- How To Write SEO Friendly Blog Posts – 17 Important Tips
- Topic Clusters & SEO – 5 Easy Tips For Building Content Hubs
- What Is Anchor Text (+ 7 Best Practices For Link Text)
- SEO Off-Page Techniques: 7 Important Facts You Need To Know
- SEO Acronym & What It Means (+ 7 Proven SEO Techniques)
- The Advantages of SEO – 13 Important Facts You Need To Know
- SEO for Blog Posts – 15 Factors To Help You Rank Higher
- Podcast SEO – 5 Facts You Need To Know To Grow Your Audience
- 19 SEO Mistakes You Should Avoid At All Costs
- How to Reduce Server Response Time in WordPress (27 Tips)
- Bing Search Engine Stats – Some Interesting Facts & Figures
- The 9 Best Ways To Increase Your Domain Authority
- What Is Page Authority & What Does It Mean For SEO?
- Benefits of SEO for Bloggers – 10 Reasons You Need To Be On Page #1