Guide: How The Google HTTPS Ranking Signal Affects Your Site

Webmaster News

How Will The Google HTTPS Ranking Signal Affect My Website?

The official announcement from Google of their newest addition to their ranking signals came just a few weeks ago, meaning that pages featuring secure encryption may obtain a boost to their ranking. As soon as folks heard “Google HTTPS ranking signal,” everyone assumed the worst.
https
For the moment Google have stated that it's only a “lightweight signal”, so it is of lower importance than a range of other quality signals. Google have, however, admitted that throughout time it may become of elevated importance.
The news of the Google HTTPS ranking signal shook up the entire SEO industry, promoting a whole range of dramatically opposing opinions from across the web. And to give you a better understanding of whether HTTPs will be a good solution for your site, we've come up with this full guide that will lay out:
What exactly HTTPS is, Why Google chose to implement it, Pros and cons of making the switch Whether it's going to improve rankings or not
Let's dive straight in to the guide now.

What exactly is HTTPS?

It's a secure method for information to be exchanged across the internet, using a range of means to take care of the data that's transferred.
Typically with a HTTP protocol, web servers and browsers will exchange any data through plain text, meaning that it's very easy for people to snoop on the information that's being transmitted. Any attacker could intercept, see and then make use of the data.
If you're sending something through the secure, HTTPS version, your information will be covered by three main things:

  1. Encryption – where the data that's exchanged is encrypted to prevent eavesdroppers.
  2. Authentication – a method of protecting against man-in-the-middle attacks. Proves to the users of your site that they're actually connecting to the site they originally intended to.
  3. Data integrity – there's no way to corrupt or otherwise modify data while it's being transferred, without giving yourself away and being detected

Why did Google do it?

The above methods are used by HTTPS to make certain that personal data, such as login details and card information, can be sent without the risk of a third party getting hold of it. SSL technology is utilized by HTTPS, so you've got to acquire an SSL certificate and have it installed on the server. Unfortunately, getting an SSL certificate usually involves a payment.
There's a couple of main concerns that Google have hoped to address with HTTPS. One of them is that you can't protect your users' cookies and session ID's without it. Even if you've got partial HTTPS protection, the data can be intercepted and utilized for impersonating the user.
Another is that users can accidentally enter their login credentials or credit card information to another site. Criminals have a wide open opportunity when a landing page isn't protected by HTTPS, seeing as they're able to intercept the unsecured pages and drive your users' toward a fake submission form.

Pros and Cons of making the switch to HTTPS

Pros:

  • Security is dramatically improved, seeing as HTTPS protects users from all kinds of unauthorized tampering and eavesdropping.
  • It's possible to use this form of site security as a way to be Payment Card Industry Data Security Standard, or PCI DSS, compliant.
  • There's reputation bonuses from having HTTPS' padlock icon in the corner of the screen. It's symbolic of trust, reinforcing a good image of your brand.
  • It'll quite likely increase conversions, seeing as internet users in general are becoming more aware of online fraud, refusing to purchase items from sellers that aren't encrypting their data.
  • Ranking benefits can ensue, even if the Google HTTPS ranking signal is just small at the moment.

Cons:

  • AdSense revenue might fall, because a HTTPS site requires that every piece of content on the page, as well as the advertisements, must be compliant with SSL.
  • You're not allowed to leave external content from somewhere that isn't HTTPS-enabled, otherwise it'll just result in an error message being shown.
  • Some WordPress plugins and other external apps won't support the HTTPS version of your site.
  • You'll lose the majority of the social signals you've acquired – after you've switched.
  • You might encounter issues with redirects if you haven't got much experience with server configuration. This is because the process behind redirecting content to HTTPS is rather complicated.
  • Encryption and decryption of information demands more server processing power, so your site might slow down as a result.
  • You'll require a dedicated IP address, seeing as every SSL certificate needs an individual, private IP address.
  • Cost – an SSL certificate will require a payment that's renewed.

Will SSL improve my rankings?

  • Since the beginning of HTTPS' announcement, there's been an abundance of fear spreading throughout the internet. That's because website owners are worried that not having an SSL certificate will now decrease your site's Google ranking. Plenty of website owners have panicked, switching their site to HTTPS without the adequate understanding and research.
  • It's worth bearing in mind that at the moment, HTTPS is only deemed a “lightweight signal” by Google – so it may only provide your site with a minuscule rank advantage. When you consider that it's one of around another two hundred SEO signals, it's not something that's worth worrying about too much.
  • If making the transition to HTTPS is something that's important or simple for your business, then by all means switch over.
  • On the other hand, there's a lot of difficulty involved for smaller sites with less manpower. It's probably not worth the burden for such websites, seeing as there's a range of much more effective SEO practices that can be employed instead.
  • However, if you're operating a site that takes transactions then it's definitely worth switching. It's become an industry standard to feature this kind of protection as a bare minimum. Your customers want to feel protected, and if they don't, they might just go somewhere else instead. As well as this, it's a good idea for any site that collects the personal information of their users to use this form of security. It is good practice and will help significantly in gaining the trust of your site's visitors.

Hopefully this article has enlightened and educated you a little with regards to this new announcement from Google. You should now be able to make a better, more grounded decision over whether to make the switch or not.