Encrypted Websites Will Now Get A Boost In Google Search Rankings

SMS Text
Encrypted Websites Will Now Get A Boost In Google Search Rankings

Google wants to make the Internet a safer place and has worked hard to improve their own security over the years. Today Google announced they’re taking their dedication to security a step further by making HTTPS a ranking signal.

Google has been running tests over the past few months using encrypted connections as a ranking signal. After seeing positive results, Google will be using HTTPS as a ranking signal going forward.

Google says that, for now anyway, this is a “very lightweight” signal that will affect fewer than 1% of global queries. While Google gives time for webmasters to move over to HTTPS, HTTPS as a ranking signal will carry less weight than other signals such as high-quality content.

Eventually, Google may decide to make HTTPS a stronger ranking signal as a way to encourage all website owners to switch from HTTP to HTTPS “to keep everyone safe on the web.”

In order to make TLS adoption easier, Google will be publishing a best practices guide in the next dew weeks. For now, here are some best practices:

  • Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
  • Use 2048-bit key certificates
  • Use relative URLs for resources that reside on the same secure domain
  • Use protocol relative URLs for all other domains
  • Check out our Site move article for more guidelines on how to change your website’s address
  • Don’t block your HTTPS site from crawling using robots.txt
  • Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.

If your website is already serving on HTTPS, you can test its security level and configuration with the Qualys Lab tool

What’s your take on this change? Will you be jumping to move your site over to HTTPS, or do you think there’s nothing to get too concerned about for now? I’m interested to hear your thoughts in the comments section.


Matt Southern
Matt Southern has been the lead news writer at Search Engine Journal since 2013. His passion for helping people in all aspects of online marketing... Read Full Bio
Matt Southern
Subscribe to SEJ!
Get our weekly newsletter from SEJ's Founder Loren Baker about the latest news in the industry!
  • Zak Venturo

    Been anticipating this honestly. I am curious about how it pans out as I own a small landscaping company and I only currently secure the payment gateway. I am wondering if the boost will take into account a single page like this and what it means to the entire site, or if it will mean the entire site is better off with fully going SSL for every page, even if there is nothing going on with the other pages to secure technically. I will put my wager on securing every page.

    • chris faron

      Hey Zak I think we are talking about the whole site because Google wants all data communication (via your browser) to be encrypted

  • Lucie Caron

    Thanks Matt. I would like to know if in the way to write the texts for the web site google mention news recommandations. If it is possible can you tell me the way to write in the right way for google ? Many thanks . I am rewriting my web site. L.C.

  • chris faron

    why do you advise against using the noindex robots meta tag?

  • Brad Krupkin

    I certainly will not be adopting the https protocol anytime soon. Nothing on my blog requires protection. I dont have any forms for anyone to fill out. I dont have any comments enabled on my blog posts or pages. I do not have any transactional pages on my site at all.

    So, if the only reason to apply a SSL is for the sake of rank, then that goes against everything Google preaches about developing content and a website with the user in mind, not the search engines.

    I can appreciate Google wanting to be proactive in helping to nudge certain developers into employing better security standards, but penalizing sites where it does not make ANY sense to encrypt, just doesn’t seem like a good plan. if my content is good and my users are happy and secure to the levels necessary based on their interactions with my site elements, then that should be what Google values more.

  • ameen

    Does this concern ecommerce sites more than regular sites or all type of websites?

  • Callum liddell

    I would imagine their algorithm would take into account weather the ssl is on a site that would require protection for its users. I doubt a blog site would be penalised for not having ssl if there were no comment functions or purchase options…

  • Sierra Prescott

    I don’t see the point of a regular content site with SSL, especially when the boost is very “lightweight”. However if you’re running ecommerce sites then I think it’s a must-have.

    • Michael

      But SSL connection is becoming headache for me, it is reducing my site load speed from 2s to 10s! And in fact speed is much more important factor google and for our customers than SSL connection.

      • Sierra Prescott

        Wow. If you site speed decreased that much then I think you have a serious problem with your server, I don’t see any different with my website. You need to re-config your server or using some sorts of caching plugin for your site.

  • Avinash Bikumalla

    As far as I know, https and http are different websites (atleast in analytics). What happens to the backlinks that we created for http website. Usually, all the backlinks will point http://www.abc.com/xyz (as anchor link), instead of https://www.abc.com/xyz. Does this mean that all previous backlinks will lose their value?

    Should we start creating backlinks using https in anchor links?

    • Callum

      you can do a redirect for your new link paths i don’t think they will lose their value. I would start using https backlinks if you have ssl as it looks better and you can never go wrong with absolute urls. Just my opinion.

  • Ty Whalin

    My current take on it right now – is that it’s not that significant for results at the moment. May be in the the near future for business owners. At the moment it would seem it is just in the works and could become a minimal factor in the future. I would not worry about it to much at the moment. But you can bet the issuer’s of SSL Certificates are all for it, since they will be the ones to gain the profit from the changes. The only real concern I would have at the moment is the fact of the indexing of the site. Because currently sites can’t not be index if they are required login/signin pages.

  • Akash

    thanx matt but if any blog is hosted on blogspot than how i can i move http to https