Google has announced that websites with HTTPS/SSL protection will now have their ranks boosted in the search results, because of changes in their search algorithm. Even though the protection won’t be as important as other SEO components used in the calculation of a website’s Google Rank, the change raised various questions, as webmasters are on both ends, regarding the change.
The Reaction to the Minor Change in Google’s Search Ranking
While keeping user’s data safe is important, webmasters argue that the HTTPS/SSL protection should not be a part of Google’s search algorithm for websites that do not keep any user’s data on their servers an example of this will be a one man blog.
Moreover, even though the protection currently gives websites a minor ranking boost, Google has officially stated that they “may decide to strengthen” the signal, which HTTPS/SSL gives the search engine’s algorithm. The reasoning behind this decision is that they want to “encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.”
While some webmasters have raised the question of whether or not this is a strategy to create a craze for a purchase of an unnecessary certificate, the benefits of the HTTPS/SSL protection protocols are various.
What are the benefits of HTTPS/SSL?
Even if you have a website or a blog, that does not require or save any user’s data, you still need to be secured. If you have an HTTPS/SSL certificate you may be sure that you have full data integrity and authentication. This means that you will have the guarantee that nobody is altering how your content is received by some of your users. Moreover, if your website is focused around financial or medical advice, for example, it would be helpful for you if people trust you.
“We’re also working to make the Internet safer more broadly… We hope to see more Websites using HTTPS in the future.”
– Google Online Security Blog
Another question raised by webmasters was about Google’s purposing of the decision. As they might strengthen the ranking signal to encourage the use of such protection protocols and certificates, webmasters wonder if this contradicts their stance that previously encouraged webmasters to engineer for their users, rather than Google.
Do website owners who already have SSL need to do anything?
Currently the ranking boost is only applied to the pages that have SSL on them. Thus if you are a webmaster you might want to consider filtering all your URLs and files included go over HTTPS, thus making your whole domain name SSL protected. This means that you will need to take the time and test everything in your website to make sure that the HTTPS certificate doesn’t show any errors on the end of your users.
What’s Google’s Advice?
If you currently don’t have SSL/HTTPs protection, Google has advice to help you out. They’ve stated that a webmaster should:
- Use 2048-bit key certificates
- Use URLs that are protocol relative for all other domains
- Decide on the type of certificate they need: single, multi-domain or wildcard certificate.
- Learn how to change their website’s address the proper way
- Allow the indexing of their pages in the search engine where it is possible and avoid the noindex robots meta tag
Some major questions have already been answered?
Q: Will Google treat the http and https versions of a domain as SEPARATE PROPERTIES.
A: That’s not quite accurate. It’s on a per-URL basis, not properties. Webmaster Tools asks you to verify the different _sites_ (HTTP/HTTPS, www/non-www) separately because they can be very different. And yes I’ve personally seen a few cases – one somewhat strange example bluntly chides their users when they visit the HTTP site and tells them to visit the site again as HTTPS.
Q: Does this mean we have to verify at least 4 websites in webmasters tools from now on ? www. non-www, http & https ?
A) Change “at least” to “at most” assuming it’s all the same domain :). But yes, if you want to track the data for those versions separately, verifying them is a good thing to do.
Q: Does this means that even if you 301 every http page to https when you transition, all of your current rankings and pagerank will be irrelevant.
A) That’s not true. If you correctly redirect and do other details correctly (no mixed content, no inconsistent rel=canonical links, and everything else mentioned in the I/O video I referenced), then our algos will consolidate the indexing properties onto the HTTPS URLs. This is just another example of correctly setting up canonicalization.
Q: What about sites that already serve HTTP & HTTPS but use HTTP as canonical URL – should we think about switching?
A) We use the canonical URLs that are indexed, so if you’re serving it on both, but selecting HTTP as the canonical, then we wouldn’t see that as being indexed using HTTPS. This is across all websearches, globally.
Q: Does the quality of the certificate influence the ranking factor?
A) the type of certificate doesn’t play a role at the moment. AFAIK new certificates have 2048 bit or more keys anyway. If you have something with a shorter key, I’d recommend replacing that regardless of this. You don’t need an EV certificate for this.
There remain many questions unanswered like what does this change mean for google news sites? how does this affect pagerank will it transferred and what percentage of it will be lost when you 301 redirect to https versiosn? and there is the case of incoming links loosing some link juice due to the redirects. Hopefully with time we will be able to get definite answers to many more questions and I will continue to update the post as more answers get surfaced from google
What do you think about this change? Do you believe that going SSL/HTTPs should be a part of Google’s Search Algorithm? Let us know in the comments below!