Switching your website to HTTPS sounds technical, but the process has become remarkably straightforward. In this transcript, Mark walks through exactly what HTTPS is, why Google gives ranking preference to secure sites, and the two-step method he used to convert LateNightIM.com using CloudFlare and the Really Simple SSL plugin.
What You'll Learn in This Episode
- What HTTPS and SSL mean in plain English
- Why Google rewards HTTPS sites with a ranking boost
- How to use CloudFlare for free SSL certificate provisioning
- How the Really Simple SSL plugin handles internal link migration
- What to update in Google Analytics and Search Console after switching
- Why Penguin 4.0 makes unnatural outbound links riskier than ever
Episode Summary
Mark opens with a listener question from Stephen Cross about embedding video in ConvertKit emails. The answer depends on your goals: if you want subscribers to discover your YouTube channel, send them directly to YouTube. If Vimeo is just video storage and your website is where you want people to spend time, embed the video on your site and link from the email to that page. The key is knowing what outcome you want from each email.
The internet marketing news segment covers Penguin 4.0, which Google confirmed is now a real-time algorithm that runs continuously in the background. Google also announced they would begin paying attention to unnatural outbound links. If your site has excessive do-follow links that look like paid placements, Google may reduce your page authority or issue manual spam penalties. For normal bloggers with a couple of outbound authority links per post, this is nothing to worry about. If you have taken money for links, you need to remove them or mark them as nofollow immediately.
The main segment explains HTTPS. When you visit a site like Amazon, the HTTPS and lock icon in your browser mean the connection between your browser and the server is encrypted using SSL (Secure Socket Layer). No one can eavesdrop on the data being transmitted. Google has stated they give ranking preference to HTTPS sites, so Mark decided to make the switch even though LateNightIM.com does not handle financial transactions directly.
Mark describes two approaches. First, check if your web host supports SSL directly and follow their instructions. Second, the method Mark used: sign up for CloudFlare, which provides a free SSL certificate through their reverse proxy service, and then install the Really Simple SSL plugin for WordPress. CloudFlare handles the certificate side, and the plugin redirects all HTTP requests to HTTPS. The entire process took about 10 minutes with no side effects.
After switching, update your site URL in Google Analytics from HTTP to HTTPS, and add your HTTPS site as a new property in Google Search Console. Mark observed a small bump in search traffic after making the switch, which aligns with what most people who have studied the impact have reported.
Key Takeaways
- HTTPS encrypts the connection between your visitor's browser and your server using SSL
- Google gives ranking preference to HTTPS sites regardless of whether they handle financial data
- CloudFlare provides free SSL certificates through their reverse proxy service
- The Really Simple SSL WordPress plugin handles internal link and resource migration automatically
- After switching, update Google Analytics and add an HTTPS property in Google Search Console
- Penguin 4.0 now penalizes sites with unnatural outbound do-follow links
- Normal bloggers with a few authority outbound links per post have nothing to worry about
What's Changed Since This Episode
Mark recorded this in November 2016 when HTTPS was still optional for many website owners. That is no longer the case.
HTTPS is now a minimum requirement, not a competitive advantage. Every major browser, including Chrome, Firefox, Safari, and Edge, displays a prominent “Not Secure” warning for any site loaded over plain HTTP. Running an HTTP site in 2026 tells visitors and Google that your site is not trustworthy.
Free SSL certificates are now standard. Let's Encrypt has become the default SSL provider for most hosting companies. Nearly every shared hosting plan includes free SSL certificate provisioning with automatic renewal. The CloudFlare workaround Mark describes is no longer necessary in most cases because your host handles SSL directly.
Most web hosts include HTTPS setup as a one-click feature. Companies like SiteGround, Cloudways, Hostinger, and managed WordPress hosts like Kinsta and WP Engine all provide automated SSL certificate installation.
HTTP/2 requires HTTPS. The modern web protocol HTTP/2, which provides significant performance improvements including multiplexing and header compression, only works over HTTPS connections. Switching to HTTPS actually makes your site faster by enabling HTTP/2.
Core Web Vitals benefit from HTTPS connections. Google's Core Web Vitals metrics are confirmed ranking signals, and HTTPS connections combined with HTTP/2 contribute to better scores, particularly Largest Contentful Paint.
The Really Simple SSL plugin Mark mentions is still available and useful for sites that have not yet migrated, though most new WordPress installations are set up with HTTPS from the start.
Resources Mentioned
- Really Simple SSL Plugin — WordPress plugin for HTTPS migration
- CloudFlare — CDN, security, and free SSL provider
- Let's Encrypt — free SSL certificate authority
- Google Search Console — monitor your site in Google search
- Nofollow link attribute — Google documentation
Related Episodes
If you found this episode helpful, you might also enjoy:
- LNIM114 Show Notes — Switching to HTTPS: SEO Guide for Your Website
- LNIM112 — Affiliate Website Hosting: Best Options Explained
- LNIM109 — 14 Critical SEO Tips For Bloggers
Listen and Subscribe
Listen to Late Night Internet Marketing on Apple Podcasts or subscribe at latenightim.com/internet-marketing-podcast/. Have a question for Mark? Call the digital recorder at 214-444-8655 or drop a comment below.
