For a number of months now we have believed that Search Engines will slowly start to prefer HTTPS/ SSL websites and just yesterday Google officially confirmed HTTPS as a ranking signal:

Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google.

Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure. For instance, we have created resources to help webmasters prevent and fix security breaches on their sites.

We want to go even further. At Google I/O a few months ago, we called for “HTTPS everywhere” on the web.

We’ve also seen more and more webmasters adopting HTTPS (also known as HTTP over TLS, or Transport Layer Security), on their website, which is encouraging.

For these reasons, over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal. For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.

What is HTTPS and SSL?

HTTPS stands for Hypertext Transfer Protocol Secure.

SSL stands for Secure Socket Layer.

TLS stands for Transport Layer Security protocol.

HTTPS is simply a combination of HTTP and SSL. Essentially, as Forbes explains on this topic, HTTPS encrypts the data between your browser (ex. Chrome, Safari, Firefox) and the website. This protects the privacy of anything that you do on the website. The purpose of this is to make it harder to hackers to break into the connection and steal your information.

Is Your Site HTTPS/ SSL?

You can see whether a site is HTTPS or HTTP by looking up in your browser’s search bar and checking for the small “s”.

How to Deal With the New HTTPS Google Ranking Factor

Google promises to publish their “Best Practices” much like they do with other topics such as Quality Content and Site Speed, but for now they have given some basic tips:

  1. Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
  2. Use 2048-bit key certificates
  3. Use relative URLs for resources that reside on the same secure domain
  4. Use protocol relative URLs for all other domains
  5. Check out the Site move article for more guidelines on how to change your website’s address
  6. Don’t block your HTTPS site from crawling using robots.txt
  7. Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.

What Does This New Google Ranking Factor Mean for You?

  • Remember that Google says this is a “lightweight” ranking factor and that there are other more important ranking factors such as quality content.
  • There are rumors that Google may increase the importance of HTTPs in order to further encourage all websites to adopt the secure comms protocol.
  • Consider switching to HTTPS, especially if you are in a competitive market where every small advantage will make a difference.
  • In light of recent stories in the news of billions of logins and passwords being stolen from compromised websites people are becoming more cautious about where they create accounts, give their credit cards and disclose other personal information. By Google making this a “ranking factor” thousands of SEO’s will prompt their clients to implement HTTPS. As Internet users become more accustomed to seeing HTTPS sites they will likely expect this of you as well.

Need a second opinion about moving your site to HTTPS? Give us a call at 1-888-262-6687 today or read more about our HTTPS Everywhere services.