Optimal SSL Solution?
-
I am in the process of moving all of my client's websites to HTTPS. I have a client with an SSL certificate through GoDaddy for an e-commerce site, and my host WP Engine offers them for $50/year each. This has been fine, but now I am trying to move about a dozen sites over and I'm just trying to figure out the best, most ideal way possible to do this. I could just go through WP Engine and pay them for the certificates, but after doing research on different SSL providers, I've totally confused myself. I have seen a wide range of prices for certificates, but I can't tell if it's just BS or there is actual value. I'm talking about a $10 certificate vs a $250 certificate through Symantec.
Aside from that, I have found a few different types of certificates: single domain certificates, wild-card certificates for subdomains, and a multi-domain certificate. I would love to buy one multi-domain certificate that covers all of my websites - but I'm not sure what the pros and cons are of doing this, specifically in regards to SEO. Can anyone explain what the pros and cons are for these in my specific situation?
I'd love to hear any recommendations for my situation, and if there is something else I am missing that is important, please share!
-
By the way, I buy my certificates here: https://www.namecheap.com/
In my opinion from a visitor perspective, to move in and out of ssl during a visit is bad; they would notice something is changing and average visitor wouldn't understand. So I would go for a 100% https. If you google about it you will find a lot of testimonial saying moving everything from http to https didn't have much impact in terms of performance. In my opinion the bad name of https is all coming from ages ago when protocols and hardware were not very good at managing it.
-
I probably had at least 5 more phone calls with people about SSL yesterday after I posted here. Ends up WP Engine overestimated the time, and they think it'll add less than half a second which I can deal with. I also learned that the certificate won't really affect speed.
I decided to allow my clients to choose which route they want to go with, a $50 SV from GeoTrust, a $300 EV from GeoTrust, or a $1000 EV from Symantec. I explained to them the main difference between the $300 vs $1000 option is really just the name, and how visitors trust the brands.
My next dilemma is whether or not to go 100% HTTPS. I am leaning towards it - I just don't know if it's overkill or not. I'm assuming 100% is the long-term ideal route. If, for example, I have an e-mail opt-in in the footer or sidebar of all my pages, I guess it'd be best to secure all of the pages then. I'm assuming the only negative is a possible reduction in load time?
Thanks a lot for the awesome responses. I really feel like I'm getting a much clearer picture of this whole situation.
-
How much you pay for the certificate has nothing to do with performance.
Google doesn't want your website to load under .25 seconds, they never gave a specific number above which they penalize or below which they prize. The general consensus is a TTFB (time to first byte) below 1s is ok, below .5s is great.
Keepalive is standard for browsers and servers these days, page load under https will be affected only by the initial handshake.
I never used wpengine, I have no idea how https is going to impact a website hosted on their platform, they should know if they have other customers who moved.
In my experience with the websites I moved from http to https the performance didn't degrade at all, both TTFB and full page load stayed the same, TTFB under .4s and page load below 5s; but no one of these websites were using either WP or shared hosting.
-
Thank you very much for that response, and for the links. I just finished reading through that Moz article in it's entirety. Between that and your response, I agree that the EV sounds like the ideal certificate to go with. Now here are my new questions:
Now I want to get an EV Certificate and I want to go 100% HTTPS site-wide, as these seem to be the most ideal combination, especially long-term for SEO. I just finished a long phone call with WP Engine regarding this situation. While they resell RapidSSL Certificates, they do not offer EVs. I can still buy one from someone else and bring it over though. When I told him I want to go 100% HTTPS, they told me they can help me but it will add an increased load time because the site needs to make the handshake everytime a page loads. Right now my site loads at .1 seconds (WP Engine rocks!) and I don't really care if it doubles with 100% HTTPS. However, he told me it will add 1-2 seconds. That sounds like a lot to me. We went back and forth on this alot, but he stuck to it that generally it will add 1-2 seconds.
I noticed that Symantec sells $1500/yr SSL Certificates. The higher up you go in the tiers, the faster the speed, at least they claim. In this case, does this mean if I want my site to still load at .1 seconds with 100% HTTPS I have to pay $1500/yr? If so, that leads me to this question: how is it possible that Google wants your site to load under .25 seconds, yet they want your site to be 100% HTTPS? I mean, if I have to pay $1500, it is what it is, and that will definitely separate the big boys from everyone else - and my clients might be fine with that. But something else is leading me to believe that something in this overall equation is not right - I must be missing something or have something wrong here.
-
10$ vs 250$, the only differences are the brand selling them and their customer service, the brand theoretically affect conversions, if you believe your visitors are going to check the certificate authority and trust one more than another, I don't and I wouldn't go for the more expensive.
But I would go for the EV certificates, just because the browsers will show the website company name just before the url, and I have the impression that does instill trust. But it's just my opinion and googling around you can find opposite views on the subject.
single domain, wildcard or multi-domain, again from a technical perspective are all the same; multi-domain sounds very attractive but do have few drawbacks, first whenever a user check the certificate only one company name and one domain is listed, for all domains the details will be the same; furthermore (and more important) to use UCC certificates you also need a webserver supporting SNI, not all web servers do, and last but not least you need visitors using browsers supporting SNI (which rules out anyone still using windows XP and anyone with old browser versions)
with regard to SEO, are all the same, it's not the certificate by itself which matters, but to follow the right procedure when moving from non-ssl to ssl: http://moz.com/blog/seo-tips-https-ssl
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
How do you optimize a blog post for SEO after the RankBrain?
Hi Guys Just curious to hear what you guys do to rank blog posts in the top in Google especially onsite, after the RankBrain update? Do you still use SEO tools to optimize this or are the SEO tools outdated for this? If yes which tools do you use to get success with? Cheers John
Algorithm Updates | | igniterman751 -
Different versions of keywords. Which one to optimize?
For some keywords, we have slightly different versions available. For example: people search for 'webhosting', but also for 'web hosting'. Same for 'cloudserver' and 'cloud server'. I used google trends to compare the keywords and find the more popular one. But in different countries, different keywords are searched more often. So we can't really optimize for the BEST version of the keyword, since there is no real BEST version. What would you suggest to do? We could also just develop pages for both keywords, but that could end in duplicated content. Would be an option to use canonicalization then, but this would not really improve ranking for one of the versions. I'm very confused. If anyone has a good idea on how to optimize here, please let me know. Thank you in advance! Best regards
Algorithm Updates | | hosttech_ch
Klemens1 -
What would be the right website hosting solution for a global brand with multiple TLDs?
Hello everyone, we are preparing a global we strategy for our customer, who wants to focus on many local markets. They are present with their products in over 60 countries on all continents and they can cover 7 languages easily. They also own the TLDs in each main country. Our priority is to be not only found in Google, but also in all major local search engines, which are popular in each country. Our main concerns with this strategy are: How do we host the website locally for each country, so local search engines recognize the website as a local website? Also, is it that important? Is cloud hosting the right solution for this? We would have different server locations for each TLD/language. Surrounding countries would at least get a fast connection and download rate, if the server is located nearby. If yes, can you recommend any companies doing cloud hosting? Is it also wise to additionally redirect the user to the local server based on his/her location? Is there a risk of duplicate content or being recognized as a link spamming site (for having links to each other from different domains of the same site, the content will be in different languages, though) just by using this solution? We would, of course, keep the content separated by domain to avoid duplicate content. Any comments and ideas would be highly appreciated. Thanks, Wojtek
Algorithm Updates | | webeeline0 -
New visual search results - what is this and how do we optimize for it?
Hi all, This morning as I am doing some keyword research for a new client, I typed in the phrase and Google returned both the listings as well as a vertical photo bar. I've never seen this before. Is this new? Is it common and I've just missed it? I presume this means we need to really have our photo alt tags 'ducks in a row' but I'm also wondering if this points to an increased importance on visual content? Image attached. Thanks, YINd14d
Algorithm Updates | | EricOliver0 -
Optimizing Main URL with Various Relevant Keywords
Hi, I am new to working with SEO on my website and making attempts to create rich content to allow me to rank above and near competitors of our very niche market for LED microlights. I understand the concept now of on-page optimization. I have found key words that are perfect for optimizing specific products. I am working on structuring my website with enriching content that specific key words will direct organic search traffic to products. However, what techniques do I use to drive traffic to my main domain with a keyword that is relevant to my site but no specific products? For example, the phrase "light show gloves" or "light show" is a keyword relevant to my site in general, so I would like my main URL to show in search results when these phrases are searched. What can I do to optimize my site for such phrases? Do I merely use them in related categories and product content? And if yes, how can I ensure I have optimized my domain fully for various relevant keywords and compare to competitors? Thanks!
Algorithm Updates | | Rofldew0 -
Title Tags and Over Optimization Penalty
In the past, it was always a good thing to put your most important keyword or phrase at the beginning of the Title Tag with the company name at the end. Now according to the over optimization penalty in the Whiteboard Friday video, it seems to be better to be more human and put the company name at the beginning with the keyword or phrase following. Am I understanding this correctly?
Algorithm Updates | | hfranz0 -
HTML5: What changes in tag optimization?
Can anyone shad som light on on page optimization for HTML5? Does google already taking the new section tag in consideration? How about heading? I read somewhere that now Google can digest multiple H1 heading. Is that true and is that recomended? Thanks a lot
Algorithm Updates | | dadaseo0
