This week we learned about some potential issues Google is having with crawling HTTPS sites, an important update has been made to Webmaster Tools, and a security flaw was found (and quickly patched) in an industry leading WordPress plugin.
More details on each of these top stories in this week’s SEO news roundup.
Latest SEO News – Week Ending 3/13/2015
WordPress Plugin Scare
This past week a critical security flaw was found in popular WordPress plugin SEO by Yoast. This could have been quite troublesome, if not for the fact that it was immediately resolved thanks to the quick reaction time by Yoast.
The only reason we’re even mentioning it is to clear the air about any confusions that may have been caused if you read any part of the story this past week. When the news initially broke, it was up to each individual site owner to ensure the plugin was updated in order to fix the problem.
However, the issue was found to be so widespread (in the tens of millions of users), that WordPress pushed out a forced automatic update of the SEO by Yoast plugin to all sites that have it installed.
What that means is, you no longer have to do anything because everything has been fixed for you. But this does draw attention to just how important it is to keep WordPress plugins updated for the sake of your site’s security.
If you’d like to ensure that all plugin updates are performed automatically, you can specify that in your settings. Just go to the following menus on the left sidebar: Manage > Plugins & Themes > Auto Updates — then make sure auto updates are turned on.
You’ll also want to make sure that you have an automatic backup solution in place, as that is equally as important! There are many popular backup plugins for WordPress to choose from. Just make sure you use a popular, well-reviewed one.
Tell Google About Your HTTPS URLs
If at any point during your site’s history you migrated from a regular connection (HTTP) to a secure connection (HTTPS), you’re going to have to tell Google where to find all your new HTTPS URLs in order for them to be crawled.
According to Google, over 80% of HTTPS URLs that are eligible for indexing are not being indexed because the search giant isn’t aware of them.
To illustrate how large a problem this is becoming, Google Webmaster Trends Analyst, Garry Illyes, posted on Google+ this past week saying: “please tell search engines about your HTTPS URLs!”
What’s the big deal with HTTPS anyway? In August of last year, Google announced it would grant a slight ranking boost to HTTPS URLs, and since then site owners have been migrating their sites to more secure connections.
The problem is that your HTTP URLs will not redirect to HTTPS until Google is notified about them. Instead, what most site owners are doing is migrating to HTTPS and still using the HTTP URLs in sitemap files, and in the rel=canonical elements. HTTPS URLS have to be used everywhere your HTTP URLs are present so Google knows how to find and index them.
Google Webmaster Tools Shows Blocked Site Resources
Do you know what your site looks like through Googlebot’s eyes? You may think it looks just like it does to anyone else, but Google may be getting an entirely different picture of your site that you didn’t intend.
Google Webmaster Tools will now notify you when it detects blocked resources on your site, and provide you when the necessary steps to fix the problem. If you wanted to manually check when your site looks like to Google, you can always run it through the Fetch and Render tool.
Wrapping It Up
A WordPress security scare reminded us all about the importance of keeping our plugins updated, we were emphatically reminded that HTTPS URLs need to be pointed out to Google, and Webmaster Tools has become even more useful to site owners.
If you had any questions or concerns about this past week’s developments, please let me know in the comments section and I’ll be sure to respond.