Important changes regarding SSL encryption in your online shop

Update: Will SSL certificates have a positive effect on the SEO ranking in the future?

SSL encryption

Since this question first came to the attention of the web community in April 2014, there have been growing signs that Google is really serious and will prefer encrypted web pages when searching. Google wants to help make the web more secure, following a global trend. Worldwide, the number of encrypted connections for data transmission has more than doubled since 2013. Many providers, such as providers of free e-mail services, have already converted their services to encrypted data transmission. However, there is still a lot of catching up to be done on a large number of websites, including many online shops.

Encrypted connections with SSL certificates

Especially when sensitive data such as customer data, bank details etc. can be entered on a website, data transmission should always be encrypted. SSL Certificates are not only an excellent way for visitors to verify the authenticity and integrity of a page, but the connection to a page with an SSL Certificate is encrypted. This is indicated by the HTTPS protocol note in the address line of the browser. An encrypted connection with an encryption rate of 256 to 2,048 bits is common.

Important change from 01.01.2017

From 01.01.2017 unencrypted websites, on which passwords and/or credit card data are entered, will be marked as unsecure in the Google Chrome Browser.

Can you hope for a bonus in Google's rating by using an SSL certificate in the future?
- Yes, but only if you consider some important points.

The conversion from HTTP to HTTPS is like a domain transfer

Even if it seems to be just a change in protocol from HTTP to HTTPS, Google rates it as different URLs. You should handle the conversion to encrypted connections using HTTPS like a domain transfer. - Avoid duplicate content by completely moving the content of your http pages to the corresponding new https page and setting up corresponding 301 redirects. - Adapt all internal links to the new link structure. - Update your XML Sitemap

Partial encryption of a web page as a problem

Often only certain areas of a website are secured by an SSL certificate. These are usually the areas in which sensitive customer information is collected, such as online banking, form fields or the order process. This is a good thing for reasons of customer safety. For the ranking at Google it can become a problem, because Google recognizes the (unencrypted) main page and all pages before the order process first and therefore evaluates your website most likely as unencrypted, or only the encrypted pages receive the "SEO bonus". Therefore, all pages under the main domain (including "outsourced pages", such as landing pages that are not accessible via the navigation of the main page) should only be accessible via HTTPS (the protocol for encrypted connections).

Content delivery exclusively via HTTPS

Perhaps you have stored contents such as images, graphics, videos, CSS files, etc. in a separate subdomain. Make sure that these contents are also delivered in encrypted form. In this case, please remember to extend the validity range of your SSL certificate and specify the corresponding subdomains when ordering. Or, you can order a wildcard certificate in which you can include an unlimited number of subdomains on one level. Of course, you also have the option of applying for your own SSL certificates for subdomains. You can also easily combine different types of certificates, for example an organization SSL certificate to secure your main domain with a domain SSL certificate, which you use to secure a subdomain to which you have outsourced your content.

Which SSL Certificate should you choose?

All SSL Certificates offer an encryption rate of 2,048 bits. Since Google primarily assesses the existence of a secure connection to a website (encrypted data transmission), the selected certificate type should have no relevant influence on the ranking of your website, provided that it is validated. If you want to secure a large number of subdomains via the SSL certificate, we recommend the cost-efficient choice of a wildcard certificate. Both domain and organization SSL certificates are available as wildcard certificates. If you are running a commercial website where sensitive data is collected and/or online payment functions are used, you should definitely opt for an organization SSL certificate or extended validation certificate. These two types of certificates allow your visitors to verify the authenticity of your site by providing them with reliable and detailed information about who runs the site.

We recommend that you contact your hosting operator if you have any queries or wish to change to SSL encryption.