HTTPS Migrations – Why Should You Care?

Now or Never – HTTPS Migrations

For websites out there that are still not fully “secure” (if served from HTTPS), the next few weeks could prove to be quite rocky. Chrome will soon start instructing users that your site may cause security concerns and other browsers will soon follow suit.

 

Not entirely sure what this means or whether you should be concerned? Read on.

Why Go HTTPS – The 30 Second Version

Moving from HTTP to HTTPS has been explained many times, but for those of you who aren’t sure, or need a quick refresher:

1. It creates a secure connection between the user and server, prevents data sent/received from being intercepted – which is essential for any website holding potentially sensitive data (not just e-commerce).
2. It is a potential ranking factor as Google wants all websites to go secure and have suggested it could provide ranking benefits.
3. It is a necessary step for many new technologies (Service workers, HTTP/2 etc). If you’re not secure, you’ll end up falling behind in other ways too.
4. SSL Certificates are free now! The cost used to put some people off.

 

Oh, and here’s the big one:

In July 2018, Chrome is going to mark all non-secure (HTTP) sites as “Not Secure!”

 

If you want any more detail as to why you need to worry about HTTPS, you can read what Google has said on the issue.

Should I Be Worried About July 2018?

Assuming that you don’t want your browser telling customers that your site could be putting them at risk, yes. For those without their entire site served by HTTPS, you could stand to damage your conversion rate, the trust/credibility from those who visit you and potentially lose traffic overall.

At the moment, it is mainly Chrome that will impact users, but when approx 50% of web users use Chrome, that’s a large chunk of websites that may start to struggle. E-commerce sites especially will have a high likelihood of losing revenue because of this.

What Stops Sites From Moving to HTTPS?

Migration to HTTPS isn’t a new thing – so why have some websites avoided doing so?

• Lack of technical ability/confidence: Whilst the process is straightforward when you know how there’s a lot you need to know beforehand.
• Not prioritising it high enough: As with any major web project, if it’s not at the top of your priorities, it can always be deferred until later.
• Fear regarding what could (and sometimes does) go wrong: There are many horror stories of this going wrong, a botched migration could cost thousands of pounds or more.
• SEO paranoia: Concern that Google may somehow pass less value through a redirect from HTTP to HTTPs.

 

For anyone who has put this off so far, time is running out – there’s a mad scramble to migrate websites before it’s “too late.” This is an important process, however, and much could go wrong if you rush it or move before you have the right steps in place.

HTTPS Migrations – What Could Go Wrong?

Whilst we’ve migrated many websites, there have been enough horror stories of them going bad. There are many (many) things that could go wrong. Here are just some of them:

• Implementing the wrong kind of redirect to HTTPS
• Excess 301 redirect chains
• Non-secure content after migration
• Not updating sitemap correctly
• Canonical URLs still referencing HTTP version
• Not updating internal links
• Not updating Adwords, Analytics or other third-party software
• The list goes on…

 

Remember you are (in Google’s eyes) changing every URL on your website. Whilst this can be done quite simply on most servers with a handful of steps, it must not be glossed over. Anyone of those points identified above can cost you heavily.

One great (bad) example of when a migration goes wrong is from Homebase (as spotted by Omi Sido here). The nail-biting period when HTTP is switched out with HTTPS becomes a moment from hell when you realise you have lost over half your traffic. HALF!

 

What did Homebase do wrong? Many things, but one of the most significant were that Google was redirected 3 times before hitting the new destination (2 more than was needed, which causes problems on a site this size). Not only that, but they also changed some key-ranking pages as part of the process.

What matters is that this could take weeks/months to correct – although, it’s hard to imagine exactly how much this poor-planning/implementation could have cost them.

The Reality of a Migration Done Well

Although it’s easy to reflect on migrations which have gone badly – and sometimes this is valuable – being able to complete it yourself is quite another.

We’ve migrated a considerable amount of websites over the past three years, but of the most noteworthy are two Magento stores, which we have consulted and pushed towards a migration before the new deadline is imposed.

This example is one which typifies what we see a lot – a retailer making a significant amount from Google while knowing their site needs to migrate, but are afraid to. We worked with their external developer, the hosting company and the in-house team in order to ensure that the entire process went without a hitch.

Here’s an organic landing page report for the period compared to the previous year (to account for seasonality). As you can see, everything was stable throughout.

 

When we take a look at overall organic visibility, we have seen that we even grew over this time.

 

There aren’t many case studies where we’d consider a flat graph as a success, however, this is certainly one of them.

Another Example

Whilst we wouldn’t suggest migrating to HTTPS as well as moving to a new site, sometimes the two events take place at the same time. This client had come to us following “development hell”, meaning they had waited months for a new version of the website to be complete after a summer of punishing rankings drops. We had to ensure that the migration went without a hitch.

Again, working with our own developers and the hosting company, not only did we maintain rankings immediately after the migration, but we’ve since been able to grow from here, recovering a lot of the lost ground.

We – and the client – were happy with this one!

Setting Expectations

Of course, it is most crucial for everyone to understand what happens (and what can happen) throughout a migration. We have heard some interesting takes on this though, for example, “you can expect to lose 25-40% traffic through a migration” being one of the most worrying.

If you plan and execute the process correctly there is no reason why you should expect to see significant drops. That said, for anyone also citing ranking benefits from HTTPS is also potentially misleading – this can happen, but it isn’t guaranteed.

There are a lot of elements that could cause problems, but with the right planning, they don’t need to happen.

Key Steps For a Smooth Migration

Here’s how you can ensure the process is completed without anyone losing any sleep:

1. Get all stakeholders to be involved and buy into what you’re doing! You are going to need to ensure that your developers, hosting company and marketing team know what they need to do.
2. Don’t change any more than you need to. Many change other URLs, redirect additional pages and even move domains at the same time. The more you change, the more you have a chance to mess up, equally, the harder it is to establish what part of the process caused the problem.
3. Map out the process to understand what needs to change and how. This can be a complex process and there may be many websites you are working across. An extra day’s worth of planning here may save you weeks further on down the line!
4. Establish a timeline for when thing needs to happen. There are some key non-negotiables during this migration, so be sure you know what they are.
5. Keep checking your work! Even when you think you’re done, check again.

Are You Ready to Take the Plunge?

If you’ve been putting this off up until now, chances are, there is still some pressure building to make a decision. Even with the many comprehensive guides on how to migrate from HTTP to HTTPS, which you can find out there, there’s no substitute for experience when it comes around.

Looking at examples of what happens when it goes wrong, undertaking a project like this without the correct knowledge, planning and expertise can be disastrous and could cost tens of thousands, if not more.

Not sure if you want to risk it? Get in touch today and see if we can’t put your mind at ease!