Internet transfer security is a major concern for many organisations, explaining the rise of the Secure Sockets Layer (SSL) protocol. This is indicated by adding an 'S' to the more familiar Hyper Text Transfer Protocol (HTTP), which enables online browsing. According to digital marketing software company Moz, HTTPS-prefixed links now account for 50% of Google's first page search results.
When these acronyms appear in the browser bar, users know they are in a secure zone, providing greater peace of mind. This is especially important when handling personal data or making payments for e-commerce purchases.
The HTTPS protocol also assures users they are on the legitimate site shown in the navigation bar, eliminating the risk of fake pages.
These advantages explain the surge in this secure protocol, which has gained significant visibility on Google's search engine results page (SERP) in just a few months, as detailed below.
The Rapid Increase in HTTPS Links
Figures show a surprising rise in HTTPS adoption. This is evident from data recently shared on the Moz blog by marketing expert Peter J. Meyers. Nine months ago, Meyers conducted a study using Google searches based on 10,000 keywords. From these results, 30% of the links appearing on Google's Page 1 were associated with the HTTPS security protocol.
Earlier this week, this figure reportedly climbed to 50%, according to Meyers. The expert noted no significant variations in results, suggesting that this increase is due to growing HTTPS adoption, not major changes in Google's algorithm.
The SEO and marketing platform Rank Ranger corroborated this data using another tracking and measurement system, adding robustness to the statistic.
If this growth rate continues, the percentage of secure page links on Page 1 of Google search results will reach 65% by the end of this year. This projection doesn't even account for the possibility that the tech giant might modify its algorithm to reward HTTPS links, given their widespread use. Gary Illyes, a Google analyst, confirmed via Twitter to Moz that such a modification was not in the company's immediate plans.
What was a promising trend in 2018 is now an unavoidable standard in 2024. According to a 2023 Statista report, over 95% of pages on Google's first results page already use HTTPS. This exponential increase underscores the critical importance Google and users place on security. Gary Illyes' prediction that Google would not modify its algorithm to reward HTTPS has been partly fulfilled; instead of a 'reward', the absence of HTTPS has become a 'penalty' or, at least, a factor that erodes trust and visibility.
Security: An Unfinished Task for Many Top Sites
While difficult to confirm, Google's inaction may stem from the fact that significant websites have yet to incorporate secure results. As an example, consider the top-20 sites analysed by Moz, alongside the number of secure subdomains using the HTTPS protocol.
In this list, the case of eBay, a global e-commerce leader, is particularly striking.
1) en.wikipedia.org – 100.0%
2) www.amazon.com – 99.9%
3) www.facebook.com – 100.0%
4) www.yelp.com – 99.7%
5) www.youtube.com – 99.6%
6) www.pinterest.com – 100.0%
7) www.walmart.com – 100.0%
8) www.tripadvisor.com – 99.7%
9) www.webmd.com – 0.2%
10) allrecipes.com – 0.0%
11) www.target.com – 0.0%
12) www.foodnetwork.com – 0.0%
13) www.ebay.com – 0.0%
14) play.google.com – 100.0%
15) www.bestbuy.com – 0.0%
16) www.mayoclinic.org – 0.0%
17) www.homedepot.com – 0.0%
18) www.indeed.com – 0.0%
19) www.zillow.com – 100.0%
20) shop.nordstrom.com – 0.0%
The list presented, though historical, illustrates a crucial point: even major market players were slow to adopt HTTPS. Today, seeing an e-commerce site like eBay without HTTPS would be unthinkable. This evolution shows that pressure from Google and user awareness have forced a massive change. In our experience at ZDS Digital, migrating to HTTPS is now one of the first steps in any serious SEO strategy, especially for sites handling transactions or sensitive data.
Why Adopt the HTTPS Protocol As Soon As Possible
Beyond the potential SEO benefits of adopting HTTPS, there are other reasons to commit to this secure protocol. The Chrome browser will start marking pages that do not incorporate it as 'not secure', especially those requesting passwords or credit card numbers.
As HTTPS adoption becomes more widespread, pressure from Google to incorporate this security protocol may increase. Therefore, it is advisable for new websites to include it from the outset (especially if they handle confidential information). Security certificates are relatively inexpensive and pose minimal risks.
Direct Impact on User Experience and Conversion
The 'Not secure' flag in browsers like Chrome generates distrust and can directly impact bounce and Conversion Rates. A 2023 GlobalSign study revealed that 84% of users would abandon an online purchase if they detected the page was insecure. For e-commerce, this translates into significant losses. Page load speed, often linked to server configuration and site optimisation, can also improve with HTTPS, as it allows for the use of HTTP/2, a more efficient protocol.
HTTPS as a Key Factor in E-E-A-T and Helpful Content
In current SEO, where E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness) and Google's Helpful Content Updates are paramount, HTTPS security is a fundamental pillar. A website that isn't secure cannot be considered trustworthy, undermining its authority and expertise in Google's eyes. The algorithm aims to provide users with useful and secure content, and HTTPS is a basic requirement to meet the 'secure' part. At ZDS Digital, we always emphasise that security is the foundation upon which a successful content strategy is built.
The Importance of Core Web Vitals and HTTPS
Core Web Vitals, which measure user experience on the page, are also indirectly affected by HTTPS. While HTTPS itself is not a Core Web Vital, a secure site tends to have better infrastructure and, therefore, better performance. The new INP (Interaction to Next Paint) metric, which replaces FID (First Input Delay) from March 2024, assesses a page's responsiveness. A well-implemented SSL certificate and optimised server configuration can contribute to faster loading and smoother interaction, thus improving INP.
GA4 and Data Privacy
With the full transition to Google Analytics 4 (GA4) and an increasing focus on data privacy (GDPR, CCPA), HTTPS is more crucial than ever. GA4 is designed to be more resilient to privacy changes, but collecting user data in an insecure environment is a risky practice and can lead to penalties. An HTTPS site ensures that data transmitted between the user and the server, including analytics data, is encrypted and protected, which is fundamental for complying with current and future privacy regulations.
AI Search and Content Trustworthiness
The proliferation of AI-based search, with tools like ChatGPT, Perplexity AI, or Google's own SGE (Search Generative Experience), underscores the need for trustworthy and secure content. These AIs are trained and base their responses on information sources they consider authoritative and secure. An HTTPS site is a basic indicator of this trustworthiness. If an AI detects a site as 'not secure', it is less likely to use it as a source, affecting the indirect visibility of its content in AI-generated results.
How to Implement HTTPS: Quick Wins and Common Mistakes
Key Steps for a Successful HTTPS Migration:
- Acquire an SSL Certificate: Free options like Let’s Encrypt exist, or paid ones with different validation levels (DV, OV, EV). For most SMEs, a DV certificate is sufficient.
- Install the Certificate on the Server: Your hosting provider can assist with this.
- Update All Internal Links: Ensure all internal links on your site point to the HTTPS version.
- 301 Redirects: Implement 301 redirects from HTTP to HTTPS for all URLs. This is crucial for maintaining SEO value and preventing duplicate content.
- Update External Resources: Review images, scripts, CSS, and other resources that may be loading from HTTP URLs.
- Update Google Search Console and Google Analytics: Inform Google of the protocol change. In GA4, ensure your property settings reflect the HTTPS URL.
- Update Sitemap.xml and Robots.txt: Ensure these files point to HTTPS URLs.
Common Mistakes to Avoid:
- Mixed Content: When elements (images, scripts) load via HTTP on an HTTPS page. This can generate security warnings in the browser.
- Incorrect 301 Redirect Implementation: Results in lost link authority and indexing issues.
- Forgetting to Update Canonical Links: Canonical links must point to the HTTPS version of the page.
- Ignoring Load Speed: While HTTPS is secure, poor configuration can slow down the site. Optimise your resources.
- Not Monitoring After Migration: Use tools like Google Search Console to detect crawling or indexing errors.
Recommended Tools for Migration and Monitoring:
- Screaming Frog SEO Spider: To crawl your site and detect mixed content, internal HTTP links, and redirect errors.
- Sitebulb: Offers comprehensive technical audits, including SSL security checks.
- Google Search Console: Essential for monitoring indexing status, crawl errors, and search result Performance Marketing after migration.
- SSL Labs SSL Server Test: To verify your SSL certificate configuration and server security.
- Cloudflare: Offers CDN and free SSL certificates (flexible or full) that facilitate HTTPS implementation.
The Future of Web Security and SEO
Looking towards 2026 and beyond, web security will continue to evolve. We will see an increase in the adoption of more advanced security protocols, such as TLS 1.3, and greater integration of security at the application level. Google will continue to prioritise user experience and trust, meaning HTTPS will not only be a requirement but a foundation upon which future quality and Ranking metrics will be built. For businesses, investing in a robust security infrastructure is an essential business strategy for long-term credibility and sustainability.
Want to Incorporate Secure Protocols into Your Website?
Are you planning to create a website and want it to be truly secure for users? Do you want to achieve good visibility in Google search results as soon as possible?
If so, contact us or call us without obligation on (+34) 93 532 93 78 or (+34) 654 20 61 16. At B2 Performance, your digital marketing agency in Barcelona, we will analyse your business's characteristics and guide and support you in the creation of effective and profitable websites or blogs. We look forward to your call!
