{ "version" : "https://jsonfeed.org/version/1", "content" : "news", "type" : "single", "title" : "Why Switching to HTTPS Will Make Your Analytics Better |Digital.gov", "description": "Why Switching to HTTPS Will Make Your Analytics Better", "home_page_url" : "/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/","feed_url" : "/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/2016/06/06/why-switching-to-https-will-make-your-analytics-better/index.json","item" : [ {"title" :"Why Switching to HTTPS Will Make Your Analytics Better","summary" : "Federal agencies are required to make all federal websites accessible through a secure, HTTPS-only connection by the end of the 2016 calendar year. What you might not have known is that the switch to HTTPS will improve your ability to track which sites are directing web traffic to yours. Recently, a federal colleague reached out","date" : "2016-06-06T11:00:14-04:00","date_modified" : "2024-07-10T08:44:18-04:00","authors" : {"tlowden" : "Tim Lowden"},"topics" : { "analytics" : "Analytics", "product-and-project-management" : "Product and project management", "security" : "Security" },"branch" : "snyk-fix-08ac0319715b31f28b1a7897cd249f39", "filename" :"2016-06-06-why-switching-to-https-will-make-your-analytics-better.md", "filepath" :"news/2016/06/2016-06-06-why-switching-to-https-will-make-your-analytics-better.md", "filepathURL" :"https://github.com/GSA/digitalgov.gov/blob/snyk-fix-08ac0319715b31f28b1a7897cd249f39/content/news/2016/06/2016-06-06-why-switching-to-https-will-make-your-analytics-better.md", "editpathURL" :"https://github.com/GSA/digitalgov.gov/edit/snyk-fix-08ac0319715b31f28b1a7897cd249f39/content/news/2016/06/2016-06-06-why-switching-to-https-will-make-your-analytics-better.md","slug" : "why-switching-to-https-will-make-your-analytics-better","url" : "/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/2016/06/06/why-switching-to-https-will-make-your-analytics-better/","content" :"\u003cp\u003eFederal agencies are required to make all federal websites accessible through a \u003ca href=\"https://https.cio.gov/\" target=\"_blank\"\u003esecure, HTTPS-only connection\u003c/a\u003e by the end of the 2016 calendar year. What you might not have known is that the switch to HTTPS will improve your ability to track which sites are directing web traffic to yours. \u003cdiv class=\"image\"\u003e\n \u003cimg\n src=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2016/06/600-x-425-Https-internet-security-concept-doguhakan-iStock-Thinkstock-497418668.jpg\"\n alt=\"Https internet security concept\"/\u003e\u003c/div\u003e\n\n\u003c/p\u003e\n\u003cp\u003eRecently, a federal colleague reached out to a \u003ca href=\"/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/communities/\"\u003edigital community\u003c/a\u003e about a huge jump in referrals from \u003ca href=\"https://wikipedia.org\" target=\"_blank\"\u003eWikipedia.org\u003c/a\u003e to a federal site in late February. In addition to the sheer volume, the referrals were attributed to one page (\u003ca href=\"http://en.wikipedia.org\" target=\"_blank\"\u003een.wikipedia.org\u003c/a\u003e) only, and not from any other, more specific pages. The huge amount of sudden referral traffic and the lack of specificity of the referring pages were mysteries she was hoping to solve.\u003c/p\u003e\n\u003cp\u003eLuckily, a bunch of helpful community members were able to quickly assess the problem. The crux of the issue: \u003cstrong\u003eWhen a visitor travels from an HTTPS site to an HTTP site via a link, the referrer is stripped, and Google Analytics reports the traffic as “direct”. But, a journey from an HTTPS site to another HTTPS site WILL carry the referral data.\u003c/strong\u003e I wrote previously about the \u003ca href=\"/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/2015/04/07/why-your-social-traffic-looks-low-in-analytics-tools/\"\u003eloss of referrer when using certain link-shorteners\u003c/a\u003e, and both the link shortener and the HTTP referral issues contribute to what is generally referred to as “dark traffic.” In essence, “dark traffic” are visits for which the origin can’t be determined, and Google Analytics funnels all its dark traffic into the “direct” category of acquisition.\u003c/p\u003e\n\u003cp\u003eIn this particular case, there was one more wrinkle in the story. Wikipedia had actually \u003ca href=\"http://blog.wikimedia.org/2015/06/12/securing-wikimedia-sites-with-https/\" target=\"_blank\"\u003emoved from HTTP to HTTPS\u003c/a\u003e in June 2015. At that point, almost all of the referral data from \u003ca href=\"http://wikipedia.org\" target=\"_blank\"\u003ewikipedia.org\u003c/a\u003e to HTTP sites disappeared. But in February 2016, Wikipedia implemented something called a “\u003ca href=\"https://w3c.github.io/webappsec-referrer-policy/\" target=\"_blank\"\u003ereferrer policy\u003c/a\u003e” that allowed them to set a blanket referral source for all outbound traffic, even to HTTP sites. They chose to set the referrer as the Wikipedia domain (with a language signifier), rather than the specific page that linked to a different site. So actual referrals that had for months been tracked as “direct” all of the sudden appeared as referrals again, but now with a single source of \u003ca href=\"http://en.wikipedia.org\" target=\"_blank\"\u003een.wikipedia.org\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2016/06/Screen-Shot-2016-06-01-at-11.42.41-AM.png\"\u003e\u003cdiv class=\"image\"\u003e\n \u003cimg\n src=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2016/06/600-x-105-Screen-Shot-2016-06-01-at-11.42.41-AM.jpg\"\n alt=\"A screenshot of referrals from wikipedia.org to an agency’s websites. After almost flatlining in June 2015 when Wikipedia moved to HTTPS, they reappeared in February 2016 due to Wikipedia’s newly set referrer policy.\"/\u003e\u003c/div\u003e\n\n\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eUnfortunately, it is not yet common practice across the web for HTTPS sites to take advantage of the referrer policy like Wikipedia did. That means if your site is still HTTP, a potentially very large percentage of referral traffic to your site is getting lost in the “direct” visits pool. And since the referral policy is controlled by the site referring traffic to yours, there’s nothing in your control to remedy the problem.\u003c/p\u003e\n\u003cp\u003eExcept, of course, migrating to HTTPS.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eTim Lowden is the Acting Program Manager for the \u003ca href=\"https://digital.gov/guides/dap/\"\u003eDigital Analytics Program\u003c/a\u003e (DAP). For more information about DAP or to become a DAP participating agency, please \u003ca href=\"mailto:dap@support.digitalgov.gov\"\u003econtact DAP via email\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eWondering if your agency has made the switch to HTTPS? Check out \u003ca href=\"https://pulse.cio.gov/\"\u003ePulse\u003c/a\u003e—\u003ca href=\"/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/2015/06/03/taking-the-pulse-of-the-federal-governments-web-presence/\"\u003ea lightweight dashboard that monitors the health of the federal government’s web presence\u003c/a\u003e by \u003ca href=\"https://pulse.cio.gov/analytics/domains/\"\u003emeasuring analytics\u003c/a\u003e (federal executive branch domains participating in DAP) and \u003ca href=\"https://pulse.cio.gov/https/domains/\"\u003eHTTPS deployment\u003c/a\u003e (all federal domains). For more information, watch \u003ca href=\"/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/digitalgov-university/\"\u003eDigitalGov University\u003c/a\u003e (DGU) webinars, \u003ca href=\"https://www.youtube.com/watch?v=d2GmcPYWm5k\"\u003eAn Introduction to HTTPS (Beginner)\u003c/a\u003e and \u003ca href=\"https://www.youtube.com/watch?v=rnM2qAfEG-M\"\u003eAn Introduction to HTTPS Part II: Implementing HTTPS\u003c/a\u003e, or \u003ca href=\"/preview/gsa/digitalgov.gov/snyk-fix-08ac0319715b31f28b1a7897cd249f39/topics/security/\"\u003eread DigitalGov’s recent posts on HTTPS\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n"} ] }