In an effort to promote a more secure web and better reflect relevant search results, Google recently announced that it would now take into consideration website encryption, also known as HTTPS, when ranking sites on their search engine results pages (SERPs).
It’s a move that should wake up web developers who have procrastinated over their implementation of security measures, or site owners who may have wondered if their sites were “important enough” to need encryption.
According to Google, HTTPS will initially be a minor search rank signal, affecting less than 1 percent of all queries around the world. So, that means it won’t immediately have as immediate an impact as other ranking factors—like the quality of content in a web page for instance—as Google wants to give webmasters enough time to switch over to HTTPS.
Still, that doesn’t mean you can drag your feet with your site’s security, as encryption is bound to have a major effect on search ranking, what with Google being a staunch advocate of website security. It’s best to start as early as possible, and with the potential bonus of higher search rankings, there’s no better time than now.
To facilitate the switch to a more secure web, the company is looking to publish a series of guidelines around HTTPS, helping website developers better understand what needs to be done in properly encrypting their websites, as well as how to avoid common mistakes. Google adds that these tips will include best practices on things ranging from the type of certification needed, the proper use of relative URLs for resources under the same secure domain, allowing site indexing, and many more.
Furthermore, Google recommends website developers to test their HTTPS-encrypted websites through the Qualys Lab tool, while further questions on encryption and its relation to search ranking can be sent to Google’s Webmaster Help Forums where the company actively interacts with a larger community of site owners and developers.
Like most Google announcements involving its search ranking algorithms, it has drawn plenty of feedback from website owners and developers, as well as those in the SEO industry. Google’s blog post on the subject has more than 1,500 comments as of this writing. Reactions are mostly in favour of the change, with many seemingly expecting that such a development was going to happen sooner or later. One commenter opined, “So, it’s not often that you’ll get SEO tips directly from Google — but here’s one that I’m proud to be associated with: HTTPS is now being used as a ranking signal.”
Google’s announcement is consistent with its efforts to better secure its own traffic, which included encrypting traffic between its servers. Gmail now uses an encrypted HTTPS connection by default, preventing mail from being snooped when moving between users and Google’s servers.
In a time when paranoia over government cyber spying is at a frenzy, tech companies are scrambling to beef up their own security measures. In November last year, Yahoo! also announced plans to encrypt its own data centre traffic.
At Enform, we’ve long seen encryption and HTTPS as fundamental measures for improving a site’s security, no matter how small it may be. This time around, Google’s efforts only provide another incentive for webmasters to make the switch.