Google Announcement Signals Beginning Of A Mass HTTPS Migration
Published: August 12, 2014
Author: Molly Shotwell
Earlier this year many internet users begrudgingly changed their passwords because of Heartbleed, a security bug that exposed sensitive information from over half a million servers. Just last week, the Internet was abuzz with an anxiety attack caused by the disclosure that 1.2 billion login credentials have been amassed by Russian hackers because web search activities were not properly encrypted.
But my fellow netizens, you all can take some solace in knowing that a mass migration of websites from unsecured HTTP over to HTTPS is about to happen, because Google just announced that it is starting to use HTTPS as a positive SEO ranking signal.
According to Google’s Webmaster Central Blog:
For now it’s only a very lightweight signal … carrying less weight than other signals such as high-quality content—while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web. [emphasis added]
It is a rare occurrence that Google officially acknowledges any factor that would affect organic rankings. Brands that are interested in keeping a competitive edge and want to gain better SERP visibility should heed this announcement. Now is the time to discuss and plan with your web development and search marketing team to determine the best procedure to enhance the security of your website. Migrating to a secure protocol will be beneficial to both SEO and the user experience.
If you have not completely encrypted your website, here are some helpful tips from Google to get you and your team started:
-Review your current security level and configuration with the Qualys Lab tool
-Confirm the kind of certificate you need: single, multi-domain, or wildcard certificate
-Use 2048-bit key certificates
-Use relative URLs for resources that reside on the same secure domain
-Use protocol relative URLs for all other domains
-Don’t block your HTTPS site from crawling using robots.txt
-Allow indexing of your pages by search engines where possible — avoid the noindex robots meta
Do you have any concerns or questions about switching over to HTTPS? Please let us know in the comment section below.