Switched To HTTPS- Any SEO value to keeping CSP

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Switched To HTTPS- Any SEO value to keeping CSP

Pjman

1:59 pm on Oct 3, 2017 (gmt 0)

I converted my 2 big sites to HTTPS about 10 days ago. So far super positive results. Maybe a 10% bump up. Doubt that the HTTPS conversion was a primary factor in the bump up, but I was worried rankings would tank and that is not so.

As part of the conversion I instituted a CSP (Content Security Policy) for both sites. I used a third-party service that catches all reports of HTTPS errors. Over the last 10 days I completely fixed any errors reported. Once you have those errors fixed, is there any reason to keep the CSP?

I'm of the school of "Any unnecessary thing you make a user's browser do, hurts the user experience.".

aristotle

4:31 pm on Oct 3, 2017 (gmt 0)

Maybe a 10% bump up

Is that for total traffic or google-only traffic?

Pjman

11:20 pm on Oct 3, 2017 (gmt 0)

10% bump on Search traffic referrals. Google up 12% on switching to HTTPS, noticed it about 3-days after and has stayed steady at that.

keyplyr

11:29 pm on Oct 3, 2017 (gmt 0)

Good work Pjman.

Yes, using a CSP protects you from cross-site exploits and remote script injection. A CSP is probably the single most important security measure you can use in defense of you web properties.

Definitely keep that header in place. It works in conjunction with HTTPS.

I also see traffic increases across almost all sites I've recently switched to HTTPS, especially after the recent update.

aristotle

12:49 am on Oct 4, 2017 (gmt 0)

10% bump on Search traffic referrals. Google up 12% on switching to HTTPS

That's probably just a reporting change. The newest browsers don't provide some referal information to http sites, and as a result it's reported as "direct" traffic even though it actually came from google. But when you switch to https, it's reported correctly as coming from google.

Pjman

11:46 am on Oct 4, 2017 (gmt 0)

@keyplyr Thanks for the heads up. I'll keep it, less work for me anyway.

@aristotle I would normally agree with you about it's just a reporting difference if I was just tracking via Google Analytics, but I am seeing an 8-10% increase in ad fires and actual network traffic that I monitor via my hosting console.

aristotle

3:56 pm on Oct 4, 2017 (gmt 0)

Pjman -- What about total traffic from all sources? Has it changed?

For example, if some of the traffic that was previously reported as "direct" before the switch to https is now reported as google and bing traffic, then one category should go down by about the same amount as the other goes up. Although traffic from backlinks on other https sites will also no longer be reported as "direct", so this could also have an effect.

So the total traffic from all sources might be the best measure.

Pjman

4:21 pm on Oct 4, 2017 (gmt 0)

@aristotle

Great point!

I'll have to dig deeper before I high-five myself.

aristotle

7:04 pm on Oct 4, 2017 (gmt 0)

Pjman -- I'm pretty sure that Google Search Console is the most accurate source of information on referals from google search. It gets its information from internal google databases of search activity. There's actually a lot of useful information about search terms, average search position, impressions, etc. The only problem is that it lags a few days behind. Also, it won't tell you anything about non-google traffic.