3 Ways to Improve Site Security, Usability & Searchability

Back to SEO Blog
Key Points
  • Site security, usability, and searchability are sometimes difficult to balance, but there are some ways to tackle all three together.
  • HTTPS secures your site while giving users confidence that their data is secure and sending a positive ranking signal.
  • Subdirectories help avoid potential cross-domain attacks while providing easy user navigation and search-engine crawling.
  • Avoiding the use of third-party plugins is more secure, lets users take advantage of more modern web standards, and makes it easier for search engines to read.

When designing a website, there are a lot of different aspects to consider. Some of the most important considerations are:

  • Security – Protecting data and systems from malicious visitors
  • Usability – Making sure users can easily access site features
  • Searchability – Making sure automated crawlers like Google can navigate and “read” the site

Well-crafted websites will effectively implement features that are simultaneously easy to use, secure, and allow search bots to spider their site seamlessly.

Of course, that’s not always easy to do. Sometimes usability and security don’t mesh together so well, or perhaps there are features users like that automated search programs don’t know what to do with.

Nonetheless, there are ways to optimize certain portions of your website for each of these considerations. We’ve come up with three below, but there certainly may be many more.

Use HTTPS

Even though we’ve been able to secure communications between browsers and websites for some time now, there are still a great number of sites out there that pass information “in the clear” for anyone to see. But few people realize that implementing HTTPS helps usability and searchability as well.

Security: The whole point of HTTPS is security, so this aspect fits easily. Projects like Let’s Encrypt are trying to make the process of securing web communications even more accessible than it already is.

Usability: As HTTPS has become more present, awareness of it has also become more conspicuous. Most, if not all, browsers now identify secure websites with a lock icon or some other visible indication of its protected status. This small but important indication can give users assurance that their transactions, personal information, and other data is safe.

Searchability: A little more than a year ago, Google announced that HTTPS is a ranking signal, albeit a small one. As Moz has noted in its most recent search ranking correlations, compiled earlier this year, implementing HTTPS may act as a “tiebreaker” that could give a site just a little extra boost to rank it above competitors.

Set up Subdirectories, not Subdomains

The subdirectory vs. subdomain debate still is one of the biggest arguments in the realm of search optimization. However, arguments for or against one or the other seem to ignore aspects of security and usability. Taking all three into account, the case for subdirectories seems pretty clear.

Security: When it comes to using subdomains, sites can quickly develop security problems by way of cookies. It might be preferable to allow customers who log into the main site to stay logged in when navigating to different subdomains as well; however, allowing cookies across the entire domain can allow hackers to develop cross-domain attacks that aren’t otherwise possible. Also, combined with the HTTPS item above, subdirectories are covered under the main site’s SSL certificate, while subdomains each require their own SSL certificate, which is more costly and complex to manage and more prone to errors.

Usability: Subdomains can make navigation of your site more complex for users, in part because because it opens up questions about where site features are located – such as whether the blog is located at blog.mywebsite.com or at mywebsite.com/blog/. Avoiding the use of subdomains altogether makes things easier for visitors to find. Also, with the cookie problems noted above, navigating between subdomains requires either setting up multiple logins and repetitive preference tracking code or sacrificing security … neither of which is good for users.

Searchability: Despite what Matt Cutts said a few years ago – that subfolders and subdomains are roughly equivalent in Google’s eyes – it’s pretty clear that using subdirectories is the better option from a search perspective. Although search engines can sometimes recognize when subdomain content applies to the main site, empirical evidence shows that moving content from a subdomain to a subdirectory often improves ranking for both main terms and long-tail queries, and that evidence has born out in our own recommendations to clients.

However, I should note that even though subdirectories are usually better than subdomains in these three cases, there still may be legitimate reasons to use subdomains on a website. The most important thing is to be aware of the issues around subdomains, and whenever possible, use a subdirectory structure instead.

Avoid Third-Party Scripts and Plugins

In the dark ages of the web, website owners forced users to install plugins or turn on features with potential security problems in order to use their site. Newer web technologies and scripts tend to be safer and more robust, but there are still a lot of ways that websites could optimize their dynamic content.

Security: From a security perspective, plugins and scripts have long been a mixed blessing. While they provide unprecedented functionality, they are also something of a Pandora’s box that can give hackers access to systems through third-party vulnerabilities. Recognition of security problems in plugins and scripts has led browsers like Google Chrome to stop supporting certain types of plugins. Similarly, third-party scripts can cause security problems, especially if the third party’s site is hacked and the script replaced with malicious code that gets propagated across the web.

Usability: With the advent of HTML5 and dynamic CSS, many features previously provided by proprietary scripts and plugins are now available natively (and more securely) in browsers using open standards. Everything from videos to drop-down menus to animations and image galleries can be incorporated into a website in a more user-friendly way.

Searchability: Another downfall of scripts and plugins is that they are difficult for search engines to understand. Using HTML5 lets Google and others more easily determine the content and structure of interactive content. It may even allow more opportunities to incorporate search optimization, such as by linking transcripts and translations to audio and video.

Conclusion

Of course, there are other ways to improve security, usability and searchability, and there are plenty of other considerations and decisions to be made when designing or redesigning your website. But if you’re looking for ways to improve all three aspects at once, these are a few of the ways you can do so.