Security has always been a top priority for Google. Over the years, the company has invested a lot in ensuring that their services use industry leading security such as strong HTTPS encryption by default. This means that anyone using Google’s services like Search, Google Drive and Gmail automatically have a secure connection to Google’s servers. But beyond their products, Google’s ultimate aim is to make the internet a safer place for users, especially those using its search engine. On august 8th, 2014, Google announced that they will be using website security as a ranking signal. This means that websites that use HTTPS/SSL encryption are going to ranker higher in Google’s search engine. The signal is quite weak at the moment – affecting less than 1% of global queries – but Google did mention that the signal may be strengthened over time to give noncompliant websites time to switch to HTTPS/SSL security. The change is designed to promote online security by encouraging webmasters to implement SSL/TLS to encrypt website traffic. While most major websites had already implemented HTTPS/SSL following Edward Snowden’s revelations of NSA snooping, the standard practice has been to implement a secure connection only at the websites log in page. Making all web connections HTTPS secure by default is the most effective defence against man in the middle attacks thus protecting surfers’ privacy all the time.
What is HTTPS/SSL?
HTTPS (Hyper Text Transfer Protocol Secure) is the more advanced version of HTTP and is usually implemented on websites to keep ecommerce transactions secure. When a surfer visits a websites via HTTPS, the site uses a digital SSL (Secure Sockets Layer) certificate to create a secure connection between the server and the browser. Websites with valid SSL certificate can be easily identified if the address begins with https:// as opposed to http://. Moreover, web browsers such as Firefox and chrome always display a padlock icon to indicate that the site being visited has been secured in this manner. Up until Google’s announcement, HTTPS/SSL encryption had been used by just over ten percent of all websites.
What are the SEO implications of switching to HTTPS?
Having been rolled out recently as a ranking signal, its effect is still incredibly small, and has only had an impact on less than 1% of global search queries. As it stands, running your website via HTTPS is not going to push you to the top of Google’s search results for your keywords; there are literally hundreds of other things you should be doing that would yield better results in terms of improvements in search rankings. But industry experts expect HTTPS to grow in importance over the coming years, which means that it would stand you in good stead to prepare for the inevitable mass shift to HTTPS by preparing the migration early.
What if I already have HTTPS/SSL?
Most ecommerce websites already have HTTPS/SSL encryption enabled in their checkout and login pages to protect user privacy and secure online transactions. But it is important to note that any ranking boost from HHTPS/SSL only applies to SSL enabled web pages. To reap maximum benefits, you need to make your entire domain name, all the files, and URLs SSL secure. The pages then have to be tested to ensure that users don’t get any SSL certificate errors. All videos, images and third party content have to be adapted to ensure that the page doesn’t give a security warning when accessed from a remote browser. In fact, Google recommends using the Qualys Lab tool to test SSL pages and certificates.
What are the negatives?
Done right, there are no downsides that we can absolutely confirm in regards to switching from HTTPS to SSL. While many webmasters have previously expressed concern over the lower load speed of HTTPS sites VS https, the issue has been mostly negated by Google’s work on SPDY. Furthermore, Google Webmaster Tools has been improved to support HTTPS reporting. But to get best results, it is strongly recommended to seek advice from an experienced SEO consultant or developed before making the switch from HTTP to HTTPS.
We recommend playing a wait-see-approach to implementing SSL on your site. If you are not selling products through e-commerce on your website, we would not recommend changing your website to SSL yet. Ask yourself this “When was the last time that Google said something would give you a rankings boost? Even slight?” We can’t remember one. Now this could be viewed as total conspiracy stuff, but what if Google were to set their algorithm to have a higher quality standard for sites with SSL and your site was right on the threshold for quality before going to SSL? Could this mean that your site may give a signal to Google that you are doing SEO on your site and your site ends up penalized? We don’t really know at this point. This is the main reasons why we are going to be patient and test this on a few test sites before we start recommending this to any of our clients at Coronation Internet Marketing.