In light of recent high-profile Internet vulnerabilities like Heartbleed and Shellshock, the general public is more aware of security threats than ever. If the NSA isn’t logging your communications, malicious hackers are trying to get your banking information. Understanding and implementing secure encryption via SSL and HTTPS has never been more important. For online businesses, making total encryption a priority can actually boost their search rankings in the long run. For better or worse, HTTPS is now officially a piece of the SEO pie.
Google Takes the SSL Initiative
As of August 6th, Google now gives sites a slight boost in their search rankings if they add a 2048-bit SSL certificate. This comes as no surprise to professional SEO gurus since Google’s Matt Cutts mentioned his preference for always-on HTTPS at SMX West in January of 2014. Though it’s not a huge boost and affects a low number of sites at the moment, it’s a harbinger of things to come. Google is starting off with making SSL a “very lightweight signal” and observing the results.
The Ins & Outs of SSL
While the actual math and code underling SSL and HTTPS are a bit complex, the basic theory is actually quite simple. Essentially, HTTPS is just plain, old HTTP encapsulated in Secure Sockets Layer encryption. Unlike HTTP transmission, HTTPS scrambles packets so that they can’t be read by outside parties in transit. Thanks to the magic of public-key cryptography, the connection between a surfer’s PC and a website is secure. An adequate SSL certificate will set you back at least $80 per year.
Embracing SSL for Healthier SEO
Generally speaking, there’s no real advantage to using SSL to protect your whole site if you’re not processing financial transactions. As many have pointed out already, Google’s move is more about politics and PR than improving the quality of search rankings. Of course, full-site encryption can in some cases reduce security breaches. That’s always good for end users. Regardless, making your site use HTTPS rather than HTTP by default is worth it since it demonstrates a commitment to superior user experiences via increased security in the eyes of Google.
Making the Switch to HTTPS
Making the switch to HTTPS isn’t really that difficult. First up, buy a quality certificate from Thawte, Verisign or Digicert and make sure that it’s 2048-bit. Determine which kind of certificate is most appropriate depending on whether you need single, multi-domain or wildcard protection. If you plan on processing financial transactions, Extended Validation is a must. Make sure that you’re not blocking the site’s robots.txt file and avoid using the “noindex” robots meta tag. Consult the Google HTTPS migration guide for more specific details.
Google’s Future SEO Plans
Though Google’s SSL algorithm change currently affects “fewer than 1% of global queries,” it’s a hint at things to come. Google and competing search engines will look closer at behind-the-scenes factors like SSL certificates in the coming year and beyond. They’ve all largely figured out how to accurately index web content and rank it based on relevance thanks to advances in natural language processing and semantic search. As such, “little things” like protecting user privacy will take on greater significance in the battle for SERPs placement.
Lessons to Be Learned
If there’s one major takeaway here, it’s not the fact that installing an SSL certificate can produce a slight SERPs bump. This edge will really only help the big boys at the moment. The real lesson is that it’s always best to go above and beyond the call of duty to serve your audience. Anticipating SEO changes and adapting before they hit will save you time and money in the long run while giving you a jump on the competition.
Find out where to buy a SSL Certificate.