An SEOs Guide to SSL and HTTP2.July 23, 2019
Many SEO experts and digital marketing consultants do not often concern themselves with what goes on server-side of the websites or online platforms they manage.
These days, with the advent of super fast page speeds and lightning quick load times influencing both search rankings and site conversion rates, knowing what goes on behind the scenes, such as how server requests are handled and what SSL is, can prove vital, even when talking purely about SEO.
Let’s start with what SSL is
To describe it using as few technical terms as possible, SSL is simply a security technology that is used to create an encrypted link between your desktop browser and the web server that it communicates with.
An SSL certificate, which is another term you’ve probably heard of, is a certificate that provides a sort of digital thumbprint, signing data that may be passed over to a server so that its origin/destination can be authenticated.
Websites that do not have SSLs are served via HTTP (Hypertext Transfer Protocol). Alternatively, those that do have an SSL are served by HTTPS, where the S stands for secure.
What does this matter for SEO?
Well, first of all, everyone should be concerned with security. In the digital age, making sure that the connections we use are secure and private should be everyone’s responsibility.
Aside from that, however, Google has made it abundantly clear that it will no longer tolerate unsecure websites. The most prominent example is that when you visit an unsecure website via Chrome, you will be issued a warning informing you of exactly that.
Potential visitors that see this warning will be very apprehensive about using your website, especially if they have to complete any sort of sensitive action such as entering a password or completing a payment.
There are plenty of other SEO reasons including the fact that security is a ranking factor, that Google’s AMP can only be used in secure websites, and even that Google Analytics performs better via HTTPS.
So how hard is it to use an SSL?
Depending on the structure of the website, how old it is, how much content is on there, and the platform its hosted on, the process can range from dead simple to annoyingly time-consuming.
For instance, if your site is hosted on WordPress with a reputable provider, you can purchase an SSL certificate and install it very easily. Activating it is then a simple matter of installing an appropriate plugin which might even fix potential issues.
Just to give you an idea, one of the most common problems you will encounter is the mixed-content issue. In simple words, this happens when your website is served over HTTPS but some content on it (like images) are trying to pass via HTTP.
While in some situations it might take a little more effort to migrate a site to HTTPS, it’s worth the trouble every single time.
A quick and simple solution can be to use a service like Cloudflare which both caches your content and serves this using a flexible SSL.
That’s enough about SSL. What about HTTP/2?
So far, I’ve briefly mentioned occasions where your browser needs to communicate with a server. This happens all the time even when you don’t realise and more so today than any other time before.
But before delving into HTTP/2, you can’t talk about the sequel before knowing at least a little bit about the original (in this case, HTTP/1.1). First, consider the amount of requests your browser makes when you use a site.
To see this in action, load up any page on the web, bring up developer tools (on Chrome, just hit Ctrl/CMD + Shift/Option + J) and go to the network tab. Reload the page and see how many requests are made.
In many websites, more than 100+ requests are made just to load the page. Never mind when you do pesky things like complete a form or load up different images in a gallery.
What does this have to do with HTTP/1.1 and HTTP/2? Well, everything
As the name, which we previously mentioned, hints at, this technology is all about transferring data. For instance, when you submit a form, your browser sends a POST request to the server.
In contrast, when you need to receive data from the server, then your browser sends a GET request so that it can retrieve the title of your favourite movie or the titles of the projects you’ve been working on.
Both HTTP/1.1 and HTTP/2 work in a similar manner in this case.
This all sounds great. So what’s the difference?
Well, HTTP/1.1 is quite an old protocol. In fact, it’s been used for about 2 decades, unchanged. The problem lies with its efficiency.
With this original protocol, each request and response is made separately. If 100 different requests need to be made, these will be made one by one and the response will come back the same way.
Basically, it can be incredibly slow in today’s world where we serve up content by the truckload.
With HTTP/2, there are several new mechanisms that can mitigate speed issues. For example, multiple requests can be sent in at the same time.
Another exciting mechanism is that HTTP/2 can instantly serve up data that has not yet been requested but is anticipated. For example, when you load up an HTML page, you will almost certainly want the CSS and JS files as well, so you don’t have to wait at all for them.
So how do I switch over?
Unlike an SSL, where you have to actively purchase a certificate and then manually complete certain actions such as ensuring HTTPS redirects, HTTP/2 works entirely in the background.
All you need to do is make sure your hosting provider supports HTTP/2 and perhaps also consider a CDN that also supports the protocol. After that, you’re golden!
It’s all about efficiency and security
As is the case with pretty much everything we do with SEO, efficiency is the key. When you have a technology that lets you do things more effectively and securely, you just have to go with it.