Image Image Image Image Image

Scroll to Top

To Top




No Comments

In Blog

By Phil Murphy

Google now using HTTPS as a ranking factor

On 20, Aug 2014 | No Comments | In Blog, SEO | By Phil Murphy

Google is constantly creating new updates for their search algorithm and protocols, and one of the main shifts over the past few years has been towards secure search. One of the most notable updates is their mid-2013 update to the Penguin algorithm, where Google introduced secure Google search as part of the HTTPS Everywhere plan. HTTPS or Hypertext Transport Protocol Secure, is a security protocol that protects users by encrypting data sent to and from servers.

Essentially, after the update, anyone searching via Google is automatically using the site through an HTTPS connection. The impact affected both searches and website owners, because it changes how we see analytics in that secure search doesn’t allow us to see data such as the keywords that brought users to the search, which is better for the user but worse for the site.

Google’s HTTPS Everywhere is essentially their idea for ensuring that people browsing the web through Google go from secure search to secure websites, which is why they are now encouraging webmasters to use HTTPS rather than HTTP. To help ensure that webmasters use secure protocols, Google is now using HTTPS as part of their ranking algorithm, so it’s affecting SEO as well.

What is HTTPS
HTTPS is an alternative to HTTP and the S stands for security. You can make your domain into a ‘secure’ domain by purchasing an SSL certificate, which is available through a couple of different venues, and in different options such as single domain or multi-domain, as well as with multiple types of encryption. Most HTTPS certificates either use RSA cryptology for encryption or a random bit code with the host site using an RSA cryptograph on their servers. 2048-bit encryption is the standard web security and the best option until something stronger comes out.

Why Use HTTPS?
While not having an HTTPS currently affects your SEO, it also affects how users see you in search. For example, not having the security certificate means that users might get a warning when they visit your site. Google has been issuing notifications to webmasters without an HTTPS certificate for several months, explaining that search users might soon get a warning if your site is not secure. While not having a security certificate is not necessarily a bad thing if you just have a blog or a non-business page, most users do not realise that it doesn’t affect them until you use cookies or other information sharing technology. That means you could actually lose traffic by not having a security certificate.

In addition, HTTPS is now affecting your Google’s search algorithm, although it is not a top-ranking factor. According to Google’s Webmaster Trends Analysts, HTTPS is now affecting as much as 1 per cent of searches, which seems like a small number, but with the volume of Google’s daily searches holding at around 3.5 billion per day, that’s still a large number of affected searches. In addition, Google suggests that HTTPS may become a more important signal later.

Having a secure website means that all of the data processed on your website is encrypted, which is better for both you and for your customers. If you are selling anything, it is actually crucial to have a security certificate to protect your users credit card and bank account numbers. HTTPS both encrypts and authenticates data, so that it is impossible to intercept or change.

How To Implement HTTPS
If you’re ready to implement HTTPS into your website, there are a couple of things to consider first. For example, there are multiple options and several different types of certifications to consider, as well as several different sources.

• Single HTTPS (for one domain)
• Multi-Domain HTTPS (for multiple domains)
• Wildcard HTTPS (public certification for a secure domain with dynamic subdomains)

Google recommends using 2048-bit encryptions, which is the web standard for SSL security certificates. However, there are other options such as 1024, which you can research and choose from as needed for your site. Google recommended 2048-bit encryption because it is the strongest encryption, which makes it the best option.

You can probably purchase a certificate from your web host, or choose from one of a number of alternatives around the web. Depending on the CA (Certificate Authority) where you choose to purchase your security certificate, implementation will vary, but a high-end CA should help you install it if you aren’t great with tech. It is important to purchase your security certificate from a well-known or quality vendor if you want it to affect your SEO.

If you are already using HTTPS then you’ll want to check two things. First, Google’s new policy expects HTTPS security on your entire domain and on all of your subdomains rather than on traditionally protected pages such as payment pages. If not, then you should adjust your security protocol.

Second, you’ll also want to make sure that your web server supports HTTPS to ensure that you have secure protocols everywhere. You can use the free Qualys Web Tool to test the security of your site. Google also suggests that you avoid using the No.Index tag so that Google’s robots can crawl your HTTPS pages.

While not everyone is happy about having to make yet another adjustment for Google, secure web protocols actually benefit everyone in the form of reducing risks on the web. For example, if secure web were to become the norm, it would reduce identity theft and fraud, which is important, considering there were over 90,000 cases of both in Ireland alone in 2013.

HTTPS certificates are affordable, easy to buy, and easy to set up, which makes the new change a relatively simple one for most webmasters. Essentially, this is one Google update that won’t have you jumping through hoops to comply with.

Submit a Comment