HTTPS and SEO

[Thor]

I am not sure where this falls HTTPS is hosting, but SEO is web development anyway;

Does HTTPS play a role in SEO

Does a SSL certificate + EV (greenbar) play a bigger role than just a regular SSL certificate?

If it will enhance platinumwealth and muscletalk then I would get it, just never saw the need previously.

 

[adrianx]

For login and registration, you should be using https (TLS/SSL), in my opinion. I think the Chrome browser will soon start "discriminating" against sites that don't use TLS/SSL.

 

[koeksGHT]

Yes it does, Google now uses that metric more, but almost nothing overall

 

[Thor]

For login and registration, you should be using https (TLS/SSL), in my opinion. I think the Chrome browser will soon start "discriminating" against sites that don't use TLS/SSL.

Yes it does, Google now uses that metric more, but almost nothing overall

I shall be buying SSL certificates for both sites Monday morning.


Side note

Normal certificate vs EV ( Greenbar)

Is there a difference in quality according to Google?

 

[Adenoid Hynkel]

I shall be buying SSL certificates for both sites Monday morning.


Side note

Normal certificate vs EV ( Greenbar)

Is there a difference in quality according to Google?

No. the one is a validation of your domain the other of your business.

You can also use let's encrypt which is free. The latest cPanel version has it included and can be activated by your hosting provider if they run it.

 

[Thor]

No. the one is a validation of your domain the other of your business.

You can also use let's encrypt which is free. The latest cPanel version has it included and can be activated by your hosting provider if they run it.

I did not know that?

Regarding the let's encrypt.

What is the difference between free let's encrypt and say RapidSSL, Comodo, geotrust or Twarte

 

[Thor]

I had a look Afrihost does not have any ability to the SSL via Cpanel.

Domains has a section under security called SSL, but I do not know what to do

 

[Smartweb]

Hey Thor,

Does HTTPS play a role in SEO

Yes, it does. At this stage, it is still more of a minor ranking factor, but Google are definitely factoring 'https' into their algorithm when ranking sites, and the strength of the signal is only expected to grow with upcoming algorithm updates, as Google is pushing quite hard for a fully encrypted web. e.g. expect an upcoming Chrome update to flag non-SSL enabled websites for users.

See:
https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
http://motherboard.vice.com/read/go...ll-websites-that-are-unencrypted-chrome-https

Does a SSL certificate + EV (greenbar) play a bigger role than just a regular SSL certificate?

Tthere isn't an SEO benefit at this stage for EV certificates. The real benefit of having an EV certificate is to provide your customers with immediate & extra reassurance via the green bar. The extra vetting process required for issuing EV certificates coupled with the company name prevalent in the highly visible green address bar, means that your customers are immediately reassured that they're dealing with a legitimate company.
For example: Many people, rightly so, are still very hesitant to enter their credit card details on a checkout page, so having "Company Name (Pty) Ltd" proudly displayed in the address bar, goes a long way in establishing trust.

As it stands, a padlock coupled with an 'https' website address is still an indication of a website's security, but with the current push towards a fully https-enabled web, we can expect that to change, as ALL websites in the future will need to be SSL-enabled, even websites which are not deserving of trust. When that finally happens, a simple padlock on a website will no longer be a strong indication that the site you're using is to be trusted, as a standard domain validated certificate can be issued to pretty much anyone.

At that point, EV certificates will become 'the new norm' insofar as establishing which websites are hosted by legitimate companies & are to be trusted.

Bottom-line: If you're thinking long-term, having an SSL certificate on your website should be a fairly straight-forward decision. They are an established SEO ranking factor, they demonstrate you value your users' security and browsers WILL start flagging non-SSL websites in the near future. Plus, you can pick up a 1-year DV SSL from a reputable brand such as Comodo, RapidSSL or even Thawte, for a very affordable price.

E-commerce stores, large enterprises such as banking institutions, or any online business seeking to maximize customer confidence, should strongly consider the benefits of an EV certificate.

 

[Smartweb]

What is the difference between free let's encrypt and say RapidSSL, Comodo, geotrust or Twarte

Firstly, LE certs do not include a site seal or warranty. Brand recognition still a goes a long long way in terms of online security & trust. The average user still values seeing clearly visible marks of security, so a "Thawte" seal, for instance, can help a lot in terms of trust.
The benefit of a warranty applies strictly to the end-user, rather than you as the site owner, so they're protected against fraudulent companies.

Secondly, technical support. Many people feel strongly about paying a small fee for peace of mind in the way of support. Things can break. It's nice to know that there's someone you can contact if/when it happens. Most people who work with SSL, know that there's often quite a bit of hand-holding that's required. Sometimes you need help with validation, installation, site seals, updates, compliance etc. Even with a basic DV cert.

Customers appreciate having access to a technical support team. For example, when something like the Heartbleed bug is announced, or it is announced that all SSL certificates are to be migrated from SHA-1 to SHA-2. People get confused and worried, and it's nice to know that there's an expert point of contact. An open-source community is great, but it's often not the best choice for professionals or businesses who need to quickly get their site configured and working. Is the risk or hassle worthwhile simply to save what might be a couple hundred Rand?

Thirdly, LE only issues 3-month single-address domain validated SSLs, so they're still very limited in their use/application. No wildcard certs, multi-domain certs, OV or EV certs.

There's no doubt that they're definitely a step in the right direction insofar as creating a more secure web, but unfortunately they don't do much in the way of proving you are who you say you are, and for businesses who take their customers security seriously, you typically get what you pay for with a cert from one of the premium brands.

Just my 2c ;-)

 

[Thor]

Oh wow. Thank you so much smartweb!!!!!!!!!!!

 

[jonno_081]

Hi Thor187. We use Letsencrypt certs quite a bit. We've developed our own hosting control (as per my sig) and it allows us to install LE with a single click. Of course if our clients want something that LE doesn't provide then that's fine too.

For most of our clients that works well. They don't have sites which require anything special (eg, banking, investments, etc) so the small SEO boost is the real benefit.

Incidentally I think the more correct question would be, "is SSL helpful to my clients?".. The reason I say that is because I recently helped someone who was not using SSL to access his webmail in a public wifi (airport lounge I believe) and very soon after that his email account was sending spam from someone who had gotten access to his password. We believe it was someone on that networking looking at the traffic. Had he been using SSL the traffic would have been encrypted..

 

[Thor]

Thank you everyone!!!

PW is now https!!

 

[Albert Broco]

I shall be buying SSL certificates for both sites Monday morning.


Side note

Normal certificate vs EV ( Greenbar)

Is there a difference in quality according to Google?

Go for your normal certificate. The EV means nothing. About 99% of all Internet users around the world does not even know the difference between normal SSL or EV. Most people just look for the lock. Use EV only when players such as Google decides it is more important and starts implementing metrics to force you into using it, as they are doing with SSL now. Besides, when Google starts giving alerts in Chrome, I have a suspicion that they will also discriminate in search rankings.