SSL/HTTPS

What is HTTPS?

HTTPS appears as the "padlock" icon in your browser address bar. It encrypts the communication channel, ensuring that nobody (like a hacker in a coffee shop or an ISP) can intercept passwords, credit card numbers, or browsing history.

Why it Matters for SEO

1. A Confirmed Ranking Factor

Since 2014, Google has explicitly stated that HTTPS is a lightweight ranking signal. Today, it is virtually a requirement. You will struggle to rank on Page 1 without it.

2. The "Not Secure" Badge of Shame

If you don't have HTTPS, Chrome labels your site "Not Secure" in the address bar. This destroys user trust immediately, causing high bounce rates and zero conversions.

3. Required for Modern Features

Many modern web capabilities (like Geolocation, Service Workers for PWA, and HTTP/2 for speed) require HTTPS to function. You cannot build a modern, fast site on HTTP.

How to Implement

1. Get an SSL Certificate: Most hosts (Vercel, Netlify, SiteGround) provide "Let's Encrypt" certificates for free.
1. Force HTTPS: Ensure all HTTP traffic redirects to HTTPS (via 301 redirect or HSTS header).
1. Fix Mixed Content: Ensure every image, script, and stylesheet on your page loads via https://. If you load an image via http:// on a secure page, the green padlock will disappear.

Common Pitfalls

Mixed Content Errors

The Issue: You have HTTPS enabled, but your logo is hardcoded as http://mysite.com/logo.png.

The Result: The browser blocks the image or shows a security warning.

The Fix: Update all database links and code references to use relative paths (/logo.png) or https://.

Expired Certificates

The Issue: Forgetting to renew your SSL cert.

The Result: Users see a giant red "YOUR CONNECTION IS NOT PRIVATE" warning page. Most users will flee immediately.

The Fix: Use auto-renewing certificates (like Let's Encrypt).