Should You Get An SSL Certificate?
SSL certificates are mainly used for websites that collect personal information. Personal information can be something simple like a contact form asking for your email, or very personal information like a credit card number.
If you plan on accepting credit cards on your website, then you’ll definitely need an SSL certificate. If you just want an SSL certificate because you heard that Google will rank your website higher, then you you’ll need to consider a few things first.
SEO and SSL Certificates
Search engines mainly care about the user experience, so websites that offer a secure connection via SSL are smiled upon. If a user can view your website or fill out forms on your website securely, then that makes your website trust worthy.
Search engines are trying to get spam and/or useless websites off their front pages, and webmasters that have an SSL certificate are usually a real business with real products. Most people wont invest $100 – $500/year for an SSL certificate if their website is spam.
If you do decide to get an SSL certificate on your website, the earlier the better! When you purchase an SSL certificate, you can lose a lot of link juice because “http” and “https” (the secure website) will have different backlinks. For example, you can get 1000 Facebook shares on your website, but if you purchase an SSL certificate your website will change from “http://” to “https://” and now you’ll have zero Facebook shares because the URL different.
So if you have a lot of backlinks to your current domain and you already rank well with search engines; then an SSL certificate might hurt your SEO. If you’re collecting credit card payments on your website, then you don’t have a choice. But if you want to install an SSL just because Google announced that as a new ranking factor, you could end up hurting yourself.
SSL and Redirections
Hosting companies have no problem selling you an SSL certificate, but they fail to help you set it up correctly. If you don’t redirect your current pages to the new secure HTTPS pages, then you’ll have duplicate content.
What I mean is that people will be able to access your website from http and https which defeats the purpose. It’s kinda disappointing that web hosts won’t tell you this upfront, they just install the SSL certifcate for you and they leave you to it.
If you’re using WordPress, I heard there are some plugins that will redirect all your pages to the secure pages. Somebody recommended a plugin called “Forced SSL” but the reviews didn’t look that good to me so I passed.
As an alterantive, and if you’re comfortable using cPanel with your hosting provider; you can add a few lines of code to your .htaccess file that will redirect all your unsecured pages to the secure domain. This will ensure that anybody that clicks on your old links from search engines, blogs, or social bookmarking sites will get redirected to the secure HTTPS page.
If you don’t create the redirection, then people that click on your old unsecured links will get sent to the unsecured page which will create a problem. Also search engines might get confused because they wont know if they should index the secure pages or unsecured pages.
If you need help finding the correct code to enter into the .htaccess file, then send me an email. Your hosting company might send you a default template that you can use, but I found that the template they use left a lot of pages unsecured.
–SEO Company Los Angeles