Google announced yesterday that they are now using SSL/HTTPS as a ranking signal in their Google search algorithm. According to Google, as of now it’s only a very lightweight signal — affecting less than 1% of global queries, and carrying less weight than other signals such as high-quality content. But over time, Google might decide to strengthen it, and encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
Earlier this year, in March, Matt Cutts gave a hint that he’d like HTTPS to be a ranking signal. So, this was likely to be implemented soon.
So, what about sites that already have SSL implemented on their checkout pages? Is that enough?
The answer is, no, you need to still do something more. This ranking boost is applied to only the pages that have SSL on them. Typically, SSL is only on those checkout pages and not on your product pages, content / landing pages, etc. So you need to make your whole domain name, all the URLs, all the files, all the includes, all of it, go over HTTPS.
This obviously will take some time; you need to do rigorous testing, to make sure the HTTPS certificate doesn’t show errors to your users. There can be images, videos, and third-party includes that need to be adapted on the pages to ensure that it doesn’t give the user a security warning.
Are there any negative SEO effects of converting to SSL?
According to Google, if you switch your site over properly, there is no downside. Google has said before there was an SSL boost that there is no ranking change in a negative way for going SSL.
But the key is you need to do it right. Google gave this advice:
- Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
- Use 2048-bit key certificates
- Use relative URLs for resources that reside on the same secure domain
- Use protocol relative URLs for all other domains
- Check out our Site move article for more guidelines on how to change your website’s address
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.
Google also recommends you use Qualys Lab tool to test your SSL certificates and pages.
Meanwhile, here are some reactions from the Webmaster Community.
“And a lot of cash for certificate authorities. This’ll be another craze like site speed. It’s manipulation of the webmaster community, and I don’t believe it’s fair to judge every site based on HTTP vs. HTTPS. People will be buying certificates just because it might help a teeny-tiny bit, when in fact their site does not warrant a secure connection.”
“My site is informative only, no login or personal/sensitive information, so why the hell do I need to use SSL?”
“This will add extra costs for certificates and administration, which will hinder small business owners.”
“what about reduced page speed from extra payload?”
John Mueller of Google is answering questions about this on Google+. Google also added a new resource this morning on securing your site.