1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

SSL for Google?

Discussion in 'Security' started by jrbiz, Jul 19, 2019.

  1. #1
    Hi,

    I have had an ecommerce site with an SSL certificate for many years because I have a shopping cart, etc.

    However, I want to put up a new website that will not be an ecommerce site so should not need an SSL certificate from that perspective. But I have some vague awareness that Google will not show results for a website that does not offer SSL, whether or not it is an ecommerce site? I see most sites, these days, with https in the url and I assume that it is some form of SSL? Is it the same type of expensive SSL certificate that I need to get for my ecommerce site, or is it a lesser, less expensive type of SSL?
    SEMrush
    Sorry, but I know very little about this. Thanks.
     
    Solved! View solution.
    jrbiz, Jul 19, 2019 IP
    SEMrush
  2. #2
    Mainly there are 3 types - domain, organization and extended validated SSLs. Read more here for ex https://www.namecheap.com/security/ssl-certificates/
    All hosts offer free domain validated SSLs - from LetsEncrypt or Comodo/cPanel - for Google they are very ok.
     
    pavv, Jul 19, 2019 IP
  3. jrbiz

    jrbiz Illustrious Member

    Messages:
    4,346
    Likes Received:
    1,640
    Best Answers:
    1
    Trophy Points:
    420
    #3
    Thank you! Very helpful!
     
    jrbiz, Jul 19, 2019 IP
    pavv likes this.
  4. mmerlinn

    mmerlinn Notable Member

    Messages:
    2,239
    Likes Received:
    282
    Best Answers:
    6
    Trophy Points:
    260
    #4
    Google WILL index a non-SSL site, HOWEVER over time keyword ranking WILL drop. NOT directly because of Google though.

    The real problem began a year ago in July when Google Chrome began BLOCKING all non-SSL sites. Since Chrome has over half of the browser market, that means little or no keyword boosting. When the links in the Google index are not followed, slowly but surely the site will drop in the SERPs eventually dropping low enough that no one can find the pages.

    How do I know this? HARD EXPERIENCE. I had no SSL on my site so last July my inquiries FELL OUT OF BED OVERNIGHT. I did not think much of it then as my sales over the last 40 years have ALWAYS tanked in July followed by a terrible August. When inquiries from my site did not pick up in Sep, Oct, Dec, etc I knew SOMETHING was wrong but was UNABLE to find the problem. Finally last May (10-1/2 months after Chrome began shafting me) I found the problem. Took me weeks to get SSL on my site. 24 hours after installing SSL, my inquiries went from 1 to 2 per week to 3 to 5 per DAY. What a RADICAL change!!!

    Why did I have no SSL on my site? First, because my site is an information site, not an eCommerce site. Secondly, Google Console said my site had NO SECURITY issues making me think that SSL was a waste of time.

    Another thing I noticed is that over the last year my average position in the SERPs had dropped from position 7 on the first page to position 9. If I had not put SSL on eventually I would have completely dropped off of the first page. My click throughs had also dropped from 12% to 10%.

    The first thing I did was buy SSL from GoDaddy and install it. DID NOT WORK OUT. I could NOT EVEN ACCESS MY OWN SITE. So, uninstalled it. Then GoDaddy said they could install LetsEncrypt on my site for $175 per year. That is over double what GoDaddy was charging for GoDaddy SSL. GoDaddy would not allow me to install LetsEncrypt myself. After weeks of searching and comparing I finally moved my site off GoDaddy to a host that offered free LetsEncrypt as part of their hosting plan. So far everything is working smoothly and more importantly my sales inquiries AND product sales have increased about 700% since I made the switch. Went from losing money to actually starting to dig myself out of the Google Chrome hole. Google Chrome damn near bankrupted me.

    Basically, for UNDER $200 I got 3 years of hosting, SSL, and everything else that I needed. Getting exactly the same thing from GoDaddy would have cost about $900. Upon renewal in three years my cost will double at my new host, but that is still less than HALF of GoDaddy's cost for the same thing. Too early to tell whether I switched to the right hosting company, but even if I didn't I now have time (and money) to move on if need be.

    One thing I did learn is that not all SSL certificates are equal. I only needed DV, however MOST DV certificates BLOCK ME FROM ACCESSING MY OWN SITE. The ONLY DV certificate that I could find that would not block me from my site was LetsEncrypt. One downside to using LetsEncrypt is that the certificate must be renewed EVERY 90 DAYS. That can be a pain because if it is not renewed, then the site is no longer SSL enabled. Most hosts have a hands off approach to LetsEncrypt, but there are a few that AUTOMATICALLY renew the certificate as part of the hosting plan. My new host does that for me.

    My suggestion is to use LetsEncrypt for DV since it works almost everywhere. If you need EV or OV, you cannot get it from LetsEncrypt. Any other certificate from any other provider will block a significant chunk of visitors, so unless you NEED to go elsewhere, just use LetsEncrypt.

    I also suggest that one use a hosting provider that allows LetsEncrypt, or better yet, AUTOMATICALLY renews the LetsEncrypt certificate for you. Not may do this yet, but as time goes on I suspect even a die-hard like GoDaddy will be forced to offer free automatically renewed LetsEncrypt certificates.

    Bottom line, DON'T buy an expensive certificate unless you need an EV or OV certificate. LetsEncrypt DV certificates do exactly the same thing as other expensive DV certificates, so no point in buying a DV certificate at all.
     
    mmerlinn, Jul 19, 2019 IP
    jrbiz likes this.
  5. JoeSpirit

    JoeSpirit Active Member

    Messages:
    662
    Likes Received:
    105
    Best Answers:
    3
    Trophy Points:
    68
    #5
    I route my sites through Cloudflare to secure them. Chrome doesn't block them but I don't really know enough about SSL at the moment to speak to the various certifications that mmerlinn mentions. The sites do get https:// and the method I use is no cost.
     
    JoeSpirit, Jul 20, 2019 IP
    jrbiz likes this.
  6. Ron Peters

    Ron Peters Peon

    Messages:
    28
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    3
    #6
    As of now Https is one of google's ranking factors. If you want your website to rank high on the SERP stick with SSL.
     
    Ron Peters, Aug 13, 2019 IP
  7. purdue512

    purdue512 Well-Known Member

    Messages:
    858
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    108
    #7
    Great post above. Very thorough... Agreed, you will get indexed WITHOUT https, but it is known to be a ranking factor. It's worth it.
     
    purdue512, Aug 13, 2019 IP