It has been almost a month since Google announced that it would begin using HTTPS as a new ranking signal. While the announcement, which was made on August 6, 2014, was long-rumored, it was met with questions as to what affect HTTPS would have on sites. This new factor in rankings is not part of an algorithm update. Unlike Panda or Penguin, it is its own separate signal, which begs the question: how strong is the signal?
SEOs and webmasters are working to balance the logistics of the migration of a site from a regular connection (HTTP) to a secure connection (HTTPS), which can be costly and labor intensive, with the urgency to make the move. For now, it seems as if the changes are minimal, but it is still important to prepare for the possibility that HTTPS will begin to play a larger role in how your site ranks.
What is HTTPS?
HTTP stands for Hypertext Transfer Protocol and is essentially the way websites communicate—the connection through which data is transferred between websites. Most web traffic goes through HTTP connections, which are non-encrypted, and can therefore be read by the server. This is how we are able to glean data on site visitors that help us determine user intent, search queries, and other potentially identifying information.
The “S” in HTTPS stands for “secure”. HTTPS sites use an SSL 0248-bit key certificate to establish a secure connection. SSL—or Secure Sockets Layer—certificates encrypt the connection so that user data cannot be read. It is a means of establishing trustworthiness and protecting the privacy of users. An HTTPS site is a site that uses an SSL certificate to encrypt data from visitors to their site.
Google’s consideration of HTTPS as a ranking signal comes as part of an overall strategy to promote security and user safety across the Internet in general. Earlier this year, Google called for “HTTPS Everywhere”, urging webmasters to consider adding SSL certificates to their sites and alluding to the possibility that HTTPS might become a ranking signal at some point down the road. Google already uses HTTPS encryptions for most of their own services, such as Search, Gmail, and Google Drive, and is now encouraging others to follow suit.
HTTPS: Now or Later?
There has been much debate as to when webmasters should act. The migration from HTTP to HTTPS is an involved and complicated process, as each HTTPS is not site-wide. Each URL must me migrated from HTTP to HTTPS using 301 redirects, and such a large number of redirects can negatively impact rankings. The upside of this, however, is that you can migrate your site in sections—allowing you to prioritize pages and test the effects of the migration.
SSL certificates are also costly, so migrating to HTTPS may be cost prohibitive for smaller businesses. Google has, however, expressed that the rankings boost is minor—for now, at least—and that it is only affecting a very small amount of searches. According to Google:
For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
For SEOs, HTTPS should, for now, play a limited role in your overall strategy, and for webmasters, there is time to make the switch. In fact, in the weeks since the announcement, it has come under debate whether or not this new ranking signal has even taken effect. SearchMetrics said they have seen no discernible change in rankings since Google made the announcement—that there is no data to support that HTTPS is even a factor. However, this could be because the ranking signal is so light, or because such a low percentage of global search queries are being affected.
Whether or not the rollout has not taken effect, or its impact is still too minor to be measured, the fact of the matter is the announcement is only a few weeks old, and it will take time before we are able to really measure the data. The important thing is that there is time. There is time to weigh the pros and cons of HTTPS, decide how to go about the transition, and actually implement the migration.