(58)
As you may remember, Google made HTTPS a small ranking signal and many SEOs and webmasters flocked to switch their sites to be fully HTTPS. Heck, we moved this site and I also moved my corporate site - mostly so I can report back to you on the success or failure. I saw none in terms of rankings in Google.
And since most webmasters saw no ranking changes, some are considering switching back from HTTPS to HTTP.
A WebmasterWorld thread has one webmaster asking what should he think about when migrating back? It would be the same concerns you need to think about when migrating from HTTP to HTTPS minus worrying about your SSL certificate not working or having content mismatch errors. In fact, switching from HTTPS to HTTP is way easier than switching from HTTP to HTTPS.
Why is he switching back?
(1) don't really need https for an informational website
(2) don't see any ranking nor trust improvement
(3) browsers block http images, http iframes, any kind of non-https resource included in my websites.
(4) probably server load is higher for https (not tested)
Those are his reasons, and you can argue with number one, you can solve numbers 3 and 4 but number two, no one would argue with.
I suspect most people who switched are not switching back? Right?
Forum discussion at WebmasterWorld.
Comments:
I Am not a lover of Google
01/21/2015 02:35 pm
Chasing after an evil companies breadcrumbs can only mean a starving birdie
CaptainKevin
01/21/2015 02:41 pm
no way to tell if there was "trust improvement" but that is likely what you would expect here - resistance to being hit by Panda etc. Not all ranking factors work in the way that a second grader would have designed them, bit more complex than that.
Max
01/21/2015 03:26 pm
Unfortunately if you utilize 3rd party extensions/plugins, you are sometimes at their mercy of providing an HTTPS version of their includes, etc. As far as your own resources/images, you should make sure they are all available over HTTPS if you do make the switch.
Michael
01/21/2015 03:51 pm
Very interestung to know. It really was daft of Google to tell people they need https when they don't.
snuffy
01/21/2015 03:56 pm
I never switched to https because Barry reported that his adsense revenue tanked.
Goofler
01/21/2015 04:00 pm
If you aren't a bank, don't waste your time and money doing that shit. That's just another black evil under table business between Google and hosting companies. They are desperate for money and because their stocks are falling down... did you know that?
Josh Zehtabchi
01/21/2015 04:25 pm
I still can not understand how so many webmasters are quick to jump at this even though they handle no secure sessions nor store/transport sensitive data. Despite what Google claims is best or most accepted, I continue to develop based on my visitors and customer needs. Which includes, but are not limited to: applying HTTPS only when needed. I'd be surprised to know how many jump off of a bridge, because Google suggested it may help your website rankings...
Josh Rubin
01/21/2015 04:29 pm
I don't see why you would really go and revert back to non-https if you had it up and running. If you're a decent webmaster, securing your site isn't too difficult (even with plugins, etc running) and if there's any section on your site where people enter their personal information, it's beneficial to have it encrypted upon transmission. Always protect your customers' information. I made the switch because I don't want to be caught playing catch-up when Google puts even more weight into a site being secure. Not seeing rankings is not the reason to switch back - you should always put your users' security first - rank improvement is a secondary benefit.
Mark
01/21/2015 06:05 pm
Webmasters are so hungry for any advantage they can get. Google's extreme favoritism for big brands, coupled with their constant stream of bad/non-applicable advice and ridiculous rules has created this mania where most people don't even know how to explain their own profession anymore, but this is what Google wants.
Ben Sibley
01/21/2015 08:13 pm
There are many reasons to implement HTTPS on your site, and SEO should probably be the last on the list. If you switched for Google and you're already switching back, you need to ask yourself if you're responding or simply reacting. As for HTTPS being slow, that will change as SPDY is picked up by more hosts/browsers.
Chuck Reynolds
01/21/2015 11:57 pm
I switched some sites to https, not for google/seo, but because, at this point, there's no real reason not to. If you switched to https because you thought you'd get some kind of boost in rank? well you're either not paying attention; are super new; or you're insanely gullible. Reasons 3 & 4 above are dumb; easily solved; minor technical problems.
Michael Martinez
01/22/2015 12:05 am
If people are not logging into your site there is no need to use HTTPS to deliver your content.
Marcus
01/22/2015 01:28 am
I think some of Google's motivation lies in wanting to stop snooping eyes from censoring content (ie - China, etc). So from that perspective, having any and all content sites HTTPS would help limit how much countries like China could filter and block content... They would have to block everything if we all used HTTPS.... or let everything through... =)
Mona Tanwar
01/22/2015 03:04 am
I agree with the fact that their is no change in the ranking but does it has any effect on the domain authority of the website ??
Ngan Son
01/22/2015 04:56 am
It seem no change when try to use HTTPS
Vivekanand Selvaraj
01/22/2015 05:36 am
Why don't they think about this reason before switching from HTTP to HTTPs. Now the Webmasters thinking about switching back from HTTPS to HTTP and they given some consolation reasons. Its seems like a funny game. Google didn't gave any proper announcement about this SSL certification.
stormwriter
01/22/2015 12:30 pm
Its taken 3 months for my site to recover back 75% traffic after google dropped us 3 pages back after https change over. It is now starting to place higher than all competitors in my long keyword pages and local pages.
Peter Driessen
01/22/2015 01:10 pm
If webmasters move to https just for improving their ranking, then they clearly didn't get it why they should move to https...
Patti Paz
01/22/2015 01:42 pm
AND, the merry-go-round just continues to go round and round, kinda like a chicken with its head cut off. But, isn't that what we have come to expect out of google??
Anthony Lavall
01/22/2015 02:18 pm
I was really hoping to find someone who would mention SPDY and HTTP 2.0! There are a number of hurdles to overcome but sitewide SHA-2 SSL certificates and HTTP 2.0 will be the future of the web, helping improve speed and security issues for a better digital experience. No-one should be switching back. HTTPS is another positive tick box for SEO and ranking gains (like all things in SEO) will take time as the industry as whole has to progress. Webmasters that are one step ahead will eventually see the benefits.
Anteela
01/22/2015 03:55 pm
I think points 1,2 and 4 are valid, however: "browsers block http images, http iframes, any kind of non-https resource included in my websites." That's his own fault. Switching to HTTPS means more than just installing an SSL certificate. You have to make other changes to make sure the resources are secure. We've made the adjustments to move to HTTPS on our sites. The process was mostly painless and unless it hurts having an SSL, I don't see the point of switching back. Haven't noticed much SEO benefit, but there's always hope.
Jim Thornton
01/22/2015 06:18 pm
some issues with cdn images and adding redirects to pull images makes that point viable though. switching to https can mean having to shop new CDNs
StevenLockey
01/23/2015 11:34 am
Seeing a very small improvement in one of our sites we switched to https. It was an e-commerce site, so there where other good reasons other than rankings to switch, but the rankings increase was what persuaded the client to pay for it ;) Most main keywords were unaffected (we are pretty much #1 for the main short-tail keywords anyway), but the more localised searches and longer term queries that we don't rank quite as well on seemed to have improved. Of course it could of been something else that changed that improved the rankings, its always hard to tell :)
Steven Broschart
01/26/2015 09:59 am
We recently launched a traffic calculator to get aware of the additional traffic caused by the https-protocol (german): http://optimizingexperts.de/ploetzlich-weltweit-ssl-was-waere-wenn-1448/
StevenLockey
01/27/2015 02:39 pm
User privacy?
Michael Martinez
01/27/2015 04:20 pm
There is NO "user privacy" if you are just visiting a Website. Your visit is recorded by your ISP and by the Web server. HTTPS doesn't have anything to do with that.
StevenLockey
01/27/2015 05:10 pm
The URL is. Under https everything else is encrypted, so anything you do on the site can't be monitored other than by the receiving server, blocking man in the middle attacks e.t.c.
Michael Martinez
01/27/2015 09:30 pm
You really don't understand what you're talking about. The ISP can track your every movement because the envelopes for the packets are not encrypted. And the server decrypts the packets and records the requested URL in its log files. There is absolutely no such thing as "user privacy" in a Web connection. All that is protected is the data IN TRANSMISSION. Man-in-the-Middle attacks still occur all the time. Google, Apple, and other big users of HTTPS were hit by MitM attacks last year. Rogue proxies, compromised routers, and just fake Websites can be used to trick millions of people into making bad connections. HTTPS is a sieve trying to hold water. The encryption may work beautifully but it doesn't encrypt nearly as much as you need it to in order to truly create "user privacy".
StevenLockey
01/28/2015 09:32 am
Uh huh. You do realise that under https its all encrypted, including the URL? You'd expose the domain you are requesting during the DNS lookup, but otherwise, everything you are sending is hitting your ISP encrypted. I don't think you understand that the data is encrypted before your ISP gets it? Assuming SSL hasn't been hacked, then basically its near impossible to get any meaningful data from an SSL connection beyond the IP its connecting to. The only data in the wrappers are the IP address you are connecting to and transmission information like package size, package sequence order e.t.c. Nothing actually useful to a hacker. HTTPS protects against Rogue proxies as well, since if they try to pretend they are the dodgy site using the same URL then the browser will flag a warning. Same for phishing sites. Not much you can do if the user goes to a completely different URL. If people just don't notice there is a dodgy site or get Malware, yes its not going to do much but your argument is kinda like: Well the river floods anyway, so its a waste of time building flood defences. HTTPS may not be the cure all, but its a useful protective measure and it also gives more people more peace of mind when browsing the site to see it is secure.
Michael Martinez
01/28/2015 03:33 pm
What I realize is that you're focusing on what you think you know and not paying attention to what I am telling you. HTTPS encryption is ephemeral. It lasts for microseconds. And the data about your packets (the envelopes) is NOT encrypted. Furthermore, rogue proxies have been used to execute MitM attacks against HTTPS "protected" Websites. Millions of Google and Apple users (among other companies' users) learned that the hard way in 2014. You really need to go read up on these well-documented search breaches to understand that HTTPS is not accomplishing much toward defending "user privacy". So just leave off with the pointless details. Until you get the big picture you and your users are at a significant disadvantage when it comes to securing Website data.
StevenLockey
01/28/2015 03:38 pm
Its you who isn't paying attention I'm afraid. I already addressed your points. The only non-encrypted information is the one that doesn't have value. The wrapper doesn't have any useful content. The only way a false proxy could breach the SSL encryption is if it actually has a valid SSL certificate for the domain. Otherwise it can't decrpyt the information. That fact it isn't perfect, doesn't mean it isn't useful and prevents 99% of the easily interceptable information from been taken without extreme special measures. No it won't help if you've got a team of CIA/NSA trying to track you, they can find ways around it, but it makes most people not worth the effort to track.
Michael Martinez
01/28/2015 05:57 pm
You really did not address my points. You obviously don't understand the limitations of the technology or what hackers actually do to circumvent it. There is no such thing as "user privacy" on the Internet. There probably never will be. Everything you do is tracked by your ISP and by the Websites you visit AND by the advertisers whose code runs on those Websites AND by any analytics companies whose code is on those sites AND by anyone who purchases that data from your ISP, the Websites you visit, and/or the advertisers. It doesn't matter how good the encryption on the transmission is.
StevenLockey
01/29/2015 09:33 am
Yes I did, you are either just not understanding or deliberately ignoring it. 1> ISPs can ONLY get the IP of the site you are looking up, that is all the https protocol exposes to them because its all it needs to expose. IF you didn't have the name in your local DNS cache, they might also be able to get the domain as well, but that is all the information they have other than amount of data sent to that IP. 2> ISPs at least in the UK aren't allowed to sell user or usage data. However they wouldn't even have this data to use is the site is https. 3> The only tracking which will work with https is the tracking at the user end. Yes there is nothing https will do about that, but if you don't trust the website you are actually looking at, well, yes nothing will help you..... No-one ever claimed it would. 4> Most analytics data doesn't contain any personal information.Most modern browsers have an incognito mode to make sure of that. Did I say it was perfect and gave you absolute privacy? Nope, you'd need to use a VPN/proxy for that to disguise your IP and the IP of the sites you visited for that, of course even then the VPN/proxy will have a record. However to even begin to claim it doesn't provide improved security and privacy compared to http is pretty ignorant, either wilfully so or otherwise and not at all correct.
Michael Martinez
01/29/2015 02:49 pm
"ISPs can ONLY get the IP of the site you are looking up" Now you're starting to get a clue, but you're still not seeing the big picture. The ISPs know where you are going, and therefore you have no "privacy" in terms of hiding what you're looking at from THEIR end. But you have MUCH to learn about how passive tracking works. You are incredibly ignorant in these matters and really have no business debating privacy issues. Until you are better informed I suggest you just let it go.
StevenLockey
01/29/2015 04:19 pm
I know exactly how they work, I use them regularly. So you've admitted your statement at the start was nonsense then and that https does improve user privacy..... Under http both the ISP and any server in the middle and the destination can track every page you visit. Using https, only the server you are connecting to can tell what pages you are looking at, servers in the middle and your ISP can only tell the IP address, NOT which page you are viewing, when you are viewing it e.t.c. Thats a massive amount of privacy improvement. Nothing you can do can ever prevent the client server from knowing which page you are viewing, simply because if it doesn't know that, it wouldn't be able to send your computer the page...... I don't think you understand the different between the IP and URL. A url will tell you exactly what page you are looking at. A IP only tells them what server you are connecting to. It could be any page on any site on that server. It could be a server you are using as a proxy and are actually looking at a completely different site. They won't be able to tell. Thats the point and thats pretty much the definition of privacy. Passive tracking isn't even relevant to the discussion, it sounds like you are just bringing that up to try and obfuscate the fact you are completely wrong.
Michael Martinez
01/29/2015 11:39 pm
Okay, you have now proven you're an idiot as well as ignorant. You can stop humiliating yourself now because I am no mood to continue shooting fish in a barrel. That would just be inhumane.
StevenLockey
01/30/2015 09:13 am
Really. Then please show how basically been immune to man in the middle attacks, including from your ISP isn't an improvement in privacy.... Which you can't, hence why you've resorted to insults. All of any information you upload or download is encrypted on your computer and only decrypted on the site holding the SSL cert. That is a VAST privacy improvement over sending the data over the web unencrypted no matter what you say.
David Kley
01/30/2015 04:46 pm
I agree with the idea, but when people have sooooo many other issues with their SEO, did they really expect this to be a game-changer for their rankings? Get serious people. Most of the time, having a secure site is not the reason you don't rank, its a combination of poor titles, meta, keyword choices, page layouts, lack of conversion factors, slow page load time/slow server, poor content, no updated content, no sitemap, wrong urls or redirects, poorly handled redirects, etc and the list goes on.
Michael Martinez
01/30/2015 05:53 pm
Give it up.
StevenLockey
02/04/2015 04:58 pm
Admitting you are wrong? Or too stubborn to do that even when proven wrong.
Michael Martinez
02/04/2015 05:03 pm
Dude, you are really lost in a conversation that is above you.
StevenLockey
02/05/2015 09:19 am
You want to actually give a reason or is this now sheer desperation on your part? Your statement was pure BS and you've provided nothing to back it up.
Michael Martinez
02/05/2015 03:50 pm
Just reread the above discussion and then go find someone else to troll.
StevenLockey
02/05/2015 04:11 pm
Strange how you are the one throwing insults and refusing to explain why you think I'm wrong but you think I'm the one trolling. Sounds to me like if anyone is trolling, then its you. Shall I point out the wrong things you've said above just to prove you are talking BS? "The ISP can track your every movement because the envelopes for the packets are not encrypted. And the server decrypts the packets and records the requested URL in its log files." The URL isn't recorded in the wrapper, only the IP address is. Hence the ISP can't know what site you are looking at, only what server (which can host multiple sites or just be a proxy e.t.c.) "Man-in-the-Middle attacks still occur all the time. Google, Apple, and other big users of HTTPS were hit by MitM attacks last year." Other than the known and now fixed with the older TLS protocols, there have been no known MitM attacks working successfully. All the attacks last year were targeting http traffic, not https traffic. "Rogue proxies, compromised routers, and just fake Websites can be used to trick millions of people into making bad connections." Rogue proxies don't do anything against HTTPS, at worst they can cause your connection to not work at all but nothing more. Same with compromised routers as all the data is encrypted before it hits them. All they get is a destination IP address, a package number, a MAC number and a few other transmission details + the encrypted data which they can't do much with. Fake websites (phishing) are completely unrelated to http/https, but even then https is slightly safer as if they go to the https version of the fake site, it should throw a certification error or the user at least has a better chance to notice that the site doesn't have the normal HTTPS symbol in their browser. "Everything you do is tracked by your ISP" Not when using HTTPS as explained above. They only know what server you accessed, not what site on the server or what pages on the those sites, not what files you download e.t.c. So I would strongly suggest you actually learn how TCP/IP, TLS and HTTPS work before telling other people they don't know because its quite clear you are lacking a lot of understanding on the subject. Anybody who has actually worked in networking will know this. Clearly you don't.
Michael Martinez
02/05/2015 06:22 pm
Just stop. You have nothing interesting or helpful to say in this conversation.
StevenLockey
02/06/2015 09:17 am
Coming from you, that is saying something... Try not to spread too much more false information.
Michael Martinez
02/06/2015 04:26 pm
Seriously, just go find some other place to be a troll.
StevenLockey
02/06/2015 04:28 pm
Troll spreading false information calls me a troll. Amusing.
Michael Martinez
02/06/2015 04:45 pm
You obviously want the last word. Take it.
Nicolas Guerinet
02/27/2015 12:44 pm
It is easier to switch back to http because all the people already linked to the http version of your website, not the https version of your website. Nevertheless, don't forget to add in htaccess the redirect code to redirect https to http.
Vici0usX
05/17/2016 03:36 pm
You're also forgetting that most people who monetize with advertisements, not every network using https which limits some options. Unfortunate but a common issue I have.
Run99
08/03/2016 05:57 am
THANK YOU for the info. You said you can solve #3? Because I'm considering switching back to http for that very reason. We have an information site and decided to put all commerce on a separate site. Is there a way to pull in iframe embedded videos from http source to my https website??
Run99
08/03/2016 06:01 am
Hi Chuck. You said #3 is easily solved? Because I'm considering switching back to http for that very reason. We have an information site and decided to put all commerce on a separate site. Is there a way to pull in iframe embedded videos from http source to my https website? It seemed like you had some great ideas in this area
Cam
12/05/2016 08:06 pm
This is what my site is going through. We were always on the first page for local search. We switched to https and now we have dropped 2 pages back. I hope we can bounce back.
Aaa
01/25/2017 10:32 pm
After switching from http to https, we lost ranking completely! Many programmers just install a certificate to your website, but they have not clue about SEO matter. After many attempts also playing with www version, we definitely migrate our website back to http.
BobbyMBernstein
02/24/2017 01:23 pm
did you migrate back to http? How did it go? I'm looking to do the same thing.
Aaa
02/24/2017 10:54 pm
I hired programmer. Also you will need check everything ON PAGE SEO, all redirections and doubled pages. All you will need redirect 301 each page to http. I recovered my ranking.
Aaa
02/24/2017 10:55 pm
Try use some premium SEO tools, I have Raven. It will show you all problems you will need to fix.