Over the past few months many websites have completed the transition to HTTPS, including our local news websites. For those that haven’t, tsk tsk, people using Chrome now see an ugly “not secure” message on your site. I wrote about the practicalities of switching to HTTPS last month, so I won’t go into detail again here; just get to it, folks! What I want to tackle today is an oft overlooked consequence of the HTTPS transition for digital advertisers: how a publisher website’s transition to HTTPS may be impacting your ad campaign reporting.

A key element of digital marketing is analysis to insure you’re getting the greatest return on investment for your marketing budget. You need to know how your online ads and content marketing are performing across every channel, and typically you, as a savvy marketer, are not just going to rely on the site you are buying ad space from to report performance. You’re also going to cross reference that with your own analytics. Hopefully you’re using campaign tracking tags in your online advertising, but if not, you may have noticed a massive drop in referrals to your site from sites you advertise or publish on – at least as far as your own Google Analytics reports are concerned.

You Could Be Losing Referrer Data Because of HTTPS

A key data type available through Google Analytics is the referrers report. This report (found under Acquisition > All Traffic > Referrers) shows which sites your traffic is coming from. If you are advertising, or posting guest blog posts, developing backlinks, or other kinds of content marketing activities, you’re probably checking your referrers report to see how much activity your efforts are producing.

The problem is, if your site is not HTTPS, and the site your advertising or posting on switches to HTTPS, all that referrer data goes away.

This is because an HTTPS site will not pass referrer data to an HTTP site.

So instead of showing up in your referral report, all traffic to your HTTP site will get lumped into the “direct” channel grouping and you’ll have no way of knowing which of your digital ads are working or not.

What Can We Do To Make Sure Referrers Get Tracked?

If your site is still HTTP

If your site is still on HTTP and you want to be able to see where your traffic is coming from, your best bet is to switch to HTTPS. This isn’t only about seeing all your traffic, of course, but also about conforming with Google’s best practices, making the web safer, and insuring your customers aren’t met with a “not secure” message when they arrive at your site. While you’re in the process of switching, campaign tracking tags could be a stopgap, but only for links you are controlling directly, such as those in digital display ads.

If you are a publisher who has switched to HTTPS, consider the “meta referrer” tag

If you are a publisher who has switched to HTTPS recently, it may not have even occurred to you that your advertisers might be about to get a big surprise in the Google Analytics reports.

If you want to insure your advertisers who are still on HTTP can see the referral traffic you send them, you can implement the meta referrer tag on your site.

You can read the full W3C spec for this tag here. Basically, it allows the HTTPS page owner to specify how much or little referrer is passed from that page to other sites, regardless of whether they are HTTP or HTTPS.

Now this may not be a choice every publisher makes. Moz.com, the search engine optimization website, has an article in which they state they have set their referrer tag to “origin” which the say would strip out all but the base url and pass that as a referrer. According to the W3C, “The “origin” policy causes the origin of HTTPS referrers to be sent over the network as part of unencrypted HTTP requests.”

However, when I take a look at the Moz source code, I find this:.<meta name=”referrercontent=”unsafe-url“>

Presumably at some point they decided to open up the data flow even further, so that site owners could see the specific pages on the moz.com site referrals were flowing from and not just the domain name.

The “unsafe-url” will pass origins from secure to insecure environments. The W3C recommends that site owners “carefully consider the impact of setting such a policy for potentially sensitive documents.”

For reference, our team is taking what we feel is the safest route for our readers and using the “origin” attribute on our media web sites. We believe this still gives advertisers, marketers and SEO folks the information they need, especially when used in conjunction with UTM tags, without potentially compromising our readers’ browsing privacy.

Get A Free Web Health Checkup For Your Business Site

Just provide your website URL and we’ll send you a free report that shows how the web sees your site, and your brand. From reviews and ratings to website speed and mobile optimization, you’ll find plenty of great information to help improve your business’ online reputation. No commitment, no credit card required.