HTTPS

August 6, 2014 Google announced that security and Internet safety is a top priority for Google, including the websites that people access from Google. High quality, unique content and natural links / SEO remains the most important factors in SEO, however, HTTPS is now a factor for some sites, and will be an important SEO factor in the future.

What is HTTPS?

In layman’s terms, a website using HTTPS gives you the little lock symbol in your browser. Data sent from your computer or device is encrypted between you and the website your browser (or app) is communicating with.

Is HTTPS an SEO factor now?

Yes. Google states here that “For now it’s only a very lightweight signal – affecting less than 1% of global queries, and carrying less weight than other signals such as high quality content.”

Will HTTPS be an important SEO factor moving forward?

Yes. The same article also states that, while referring to the SEO signal, “over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.” Will they decide to strengthen it? Absolutely.

Do you need HTTPS?

If you have a simple website up that explains that you sell bird houses, is there an immediate security risk from having an HTTP site with no security? No, not really, however, attackers do not necessarily need access to a website at all; they can simply DNS hijack or compromise a public wireless gateway. Combine this with the fact that mobile usage is skyrocketing, and you have a recipe for trouble.

One method of infecting a mobile device is via a man in the middle attack (MIM). In one of these attacks an attacker intercepts web traffic to inject malicious code in to the connection between your mobile device and the website you are visiting. How is this possible? Many apps are vulnerable to attack, especially apps which allow advertising. Programmers and app developers use advertising software development kits (SDKs) to make money from displaying apps in devices. If you would like a much more in depth explanation of HTTP vulnerabilities read this article which explains security risks affecting billions of Android app downloads.

Why HTTPS Will Become an Important SEO Factor

If you have read the above two paragraphs it becomes clear that currently, HTTPS is currently a very small ranking factor, and will become more important as time goes on. If mobile device exploits become more commonplace I can see Google and other search engines placing HTTPS sites ahead of non-HTTPS sites quicker by making it a more important ranking factor. I see this as more of a not IF but WHEN.

How do you convert your site to HTTPS?

For most sites I am going to recommend a 301 redirect. This avoids duplicate content issues, and sends all of your stuff from HTTP://yourstuff.com to HTTPS://yourstuff.com. This is of course after you have purchased an SSL certificate and properly configured it with your web host. Here we use Rackspace Cloud Sites web hosting and we do have the SSL package; for a complete list of supported SSL certificates just visit our page on web hosting.

Other HTTPS concerns:

It is important to note that in Google’s article referenced above they recommend 2048-bit key SSL certificates. Google actually started using 2048-bit keys back in 2013. There are a few concerns webmasters should be aware of when making the HTTPS leap:

  • Site speed is a ranking factor. SSL handshake latency is going to slow down your initial connection before web content is displayed. Precious milliseconds will slip away. Encryption is CPU intensive. If you’re hosting your site on an overcrowded server with an underpowered load balancer, expect problems. Switching to TLS or HTTPS now will make your site slower than the competitions. I would at least be prepared to switch in 2015 – 2016, and time will tell. You do not want to wait too long to switch.
  • HTTPS Optimization is going to be a “thing”. Good SEOs will learn and understand caching, pings, SSL latency, TCP connect times, handshakes, SYN packet ACKs, HTTP keep-alive, and all that fun stuff.

What action should you take?

The future of the web is HTTPS. Be prepared to switch to HTTPS, or better yet, make the move sooner rather than later. Do not expect to suddenly rank higher than your competition- that isn’t going to happen because of your switch, but future algorithm tweaks could push HTTP sites down in search results. Understand the direction things are heading- safe, mobile friendly, content rich sites are going to outperform the competition. If you need help staying ahead of the curve and getting exposure in search contact us.

Len
2 Comments
  1. The recent changes to Google algorithm led to a rush for turning websites to HTTPS. However, its not for everyone. Find out more by going here: http://www.cloudways.com/blog/why-to-use-https/

  2. You should switch to HTTPS as soon as possible. I set up multiple SSL certificates for my websites using these instructions.

Leave a Reply