What is HTTPS?
HTTPS stands for “Hypertext Transfer Protocol Secure.” It’s a process which verifies the authenticity of a website and encrypts information as it travels between the website and the user.
Regular old HTTP doesn’t encrypt any information exchanged between a website visitor and that site -- payment info, contact forms, tracking cookies -- it’s all in plain text. Like writing a letter on a postcard, anyone could see that message.
Using HTTPS is like sending your letter inside a sealed envelope -- and writing it in a language that only the person you’re sending the letter to can understand!
What is an SSL certificate?
Your SSL certificate is what tells the browser that your website is using a secure transfer protocol and is the site that it claims to be. You can think of it as a special, personalized seal on that envelope that lets the recipient know the letter is REALLY from you.
In the past, this has been more important for sites like banks, e-commerce sites, etc. that handle sensitive information. Recently, Google has been pushing for this to become the norm for all sites across the web.
Why is HTTPS/SSL important for ad earnings?
Recently, there have been some changes within the ad industry and loading your site over HTTP can affect the quality of ads that your readers see, and how your ads perform.
Google requires that sites load over HTTPS in order the use the SafeFrame feature in their ad technology. SafeFrame adds an array of features to the ads that protect your site and readers from any potential bad ads. If SafeFrame isn’t able to run on your ads, it can cause ad quality and performance issues.
HTTPS is important to keep your ads earning well.
Does AdThrive recommend switching to HTTPS?
Short answer: YES. We think it’s the smart move.
If your site isn’t being served over HTTPS, as of October 2017, Google will begin showing a “NOT SECURE” warning to readers visiting your site using the Google Chrome browser “when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode”.
This is part of Google’s push to mark ALL pages served over HTTP as “not secure.” In April 2017, Google started by marking HTTP pages as “not secure” if they contained any password or credit card fields, and announced that they would roll out this second phase in October 2017.
HTTPS is going to be a baseline for sites across the web in the future, so we encourage you to go ahead and start that process now if you’ve been on the fence! There are many affordable and even free options and your host or developer should be able to do the work for you.
However, there are a few issues that can occur when you move your site to HTTPS, so we recommend checking these three things after you’ve made the switch:
- If you’re on Wordpress, make sure your AdThrive plugin is up to date. If you aren’t using the AdThrive plugin or are using a different CMS, ask us to check that you’re using the latest head code.
- Work with your host or developer to make sure there are no mixed content errors. Whynopadlock.com/ is a good resource for making sure that your site is fully on HTTPS.
- Send a quick message to your friendly AdThrive team so we can make sure everything looks good for your ads!
Is moving to HTTPS considered a URL change?
Moving from HTTP to HTTPS does not constitute a URL change with advertisers -- it’s just a simple change to the protocol used to access your domain. Advertisers get to know your site through your root URL, which is this part of your URL here:
How do I make the switch to HTTPS?
We recommend working closely with your host and your developer to set up the SSL certificate for your site, to make sure everything is set up correctly. Any quality host will offer free “Let’s Encrypt” SSL certificates, and most will help with the switch for free. The process involves server work, and doing it manually can be challenging or could even crash your site if something goes wrong.
Premium hosts usually have an automated process for moving to HTTPS -- they either do it for you or walk you through every step.
Budget hosts may be less helpful, requiring you to buy an SSL certificate and then have a developer handle setting it up for your site. This could be a great opportunity to switch to a higher-quality host in the process!
What should I keep in mind when switching to HTTPS?
Watch out for redirect loops
Redirecting the HTTP version of your URL to the HTTPS version is a necessary part of a successful transition. However, if the redirects aren’t done correctly, you can end up with an endless redirect from one version to the other and back, called a redirect loop. This can be avoided by having a reputable host and/or developer do the transition for you.
Fix mixed content errors
Mixed content errors mean some files are still being served over HTTP after the rest of your site has been converted to HTTPS.
Some examples of where we see potential issues include:
- CSS references
- Other ad networks
- Certain recipe plugins
We recommend working with your host or developer to make sure there are no mixed content errors on your site. Whynopadlock.com is a helpful resource for making sure all elements on your site are fully HTTPS.
Update your URL in Google Analytics / Search Console
After switching to HTTPS, you’ll want to update your URL in Google Analytics and Google Search Console. As a side benefit, you should start to be able to see more of the keywords people are using to find your site through Google!