Update: HTTPS as a ranking signal
When Google announced that the use of HTTPS encryption is now a ranking signal, the most obvious question that was on the minds of digital marketers was how this would affect rankings. Would the change from HTTP to HTTPS improve a sites organic search performance?
Google had emphasized that this ranking signal was (at the time) a “very lightweight signal” that would affect less than 1% of global search queries, and carry less weight than more influential signals such as high quality content. Google cited the growing need for security between web users and domain servers and the growing trend of more and more sites choosing the encryption security of using SSL certificates.
Since the announcement two studies have been produced to analyze the impact of HTTPS/SSL on Google Search rankings to see just how “lightweight” the signal has proven to be.
A study by Searchmetrics was published 3 weeks after the August 8, 2014 announcement. Using their metric of “SEO Visibility” they analyzed the rankings of “hundreds of thousands of keywords” and found no evidence of significant ranking improvements for HTTPS/SSL sites. Their conclusions were that either the ranking factor had not been rolled out at the time of the post and/or the ranking factor affects such a small portion of searches that their data could not identify the change.
The second study was conducted by seoClarity. Based upon 50,000 keyword searches and 218,000 domains, seoClarity assessed HTTPS/SSL URLs that were ranking before and after Google’s announcement (June – September 2014). While noticing an increased occurrence of HTTPS/SSL URLs appearing in rankings, the study found a marginal ranking change (less than 0.01% change in ranking) for HTTPS/SSL URLs.
Based upon the results of these two studies and our own observations with clients who have made the change, the impact of HTTPS/SSL encryption remains to be a “lightweight signal” that does not have an identifiable impact on website rankings in organic search.
However, this is not quite reason enough to dismiss the urgency of encrypting your site content. As we previously stated, if your website deals with sensitive content, such as user generated content, or is an e-commerce platform then the switch to HTTPS/SSL should be considered. HTTPS/SSL should already be implemented on security sensitive pages such as a log in page, form submissions, and transaction pages. Therefore, the switch to going fully secure with HTTPS/SSL is not entirely complicated.
Another caveat to this discussion is the effect on referrer data in analytics platforms. When an HTTPS/SSL encryption is used on a website it cannot pass the secured data to a non-secured website. This means that sites without HTTPS/SSL encryption lose the data that would be tracked as referral traffic when visitors enter sites from an HTTPS URL.
Put simply, traffic passing from HTTPS to HTTP would be considered Direct traffic because the secured information cannot pass on to an unsecure page. The potential loss of referral traffic data is greater as HTTPS/SSL adoption becomes more common place with webmasters.
What this means for you
While we have not seen any ranking improvements by simply adopting HTTPS/SSL encryption for sites, it still bears consideration in the case where-in HTTPS is already in place for portions of a website (i.e. e-commerce websites and user submitted content) and where retaining referral traffic data is important for analytics tracking.
For more information on HTTPS review the following resources from Google:
Review Google’s best practices for setting up HTTPS:https://support.google.com/webmasters/answer/6073543
If you have been a hacked site that has had a security breach you may want to review Google’s Webmaster help: https://www.google.com/webmasters/hacked/
How to adapt to HTTPS as a ranking signal
It is important to consider you website and business needs when deciding to adapt to HTTPS/SSL encryption. Review the following list of questions:
- Does your website already have an SSL certificate for some of your pages?
- Does your site use any of the following features: e-commerce, user login in, form submissions, etc.?
- Has your site been hacked in the past? Is your site at any apparent risk of security hacks?
- Have you noticed any unusual spikes in Direct Traffic visits in your analytics platform?
If you answer “yes” to any of these questions, consider making the change to encrypted HTTPS/SSL security. Don’t expect to see ranking boosts in the near future, but you will benefit from the added security to your website and potential improvement to your referral data in analytics.
Below is our list of our previously posted action items that will help in your move to HTTPS/SSL encryption. There are a number of very important considerations to keep in mind when choosing the proper SSL certificate and implementing it on your site. But don’t forget that this is not just a security change to your site; it is a URL change to your site which means it is also important to follow a redirection plan that retains your SEO value when you make the switch.
Action Items for Site Owners
- Review Google’s best practices for moving a site with a URL change: https://support.google.com/webmasters/answer/6033049
- Review Google’s best practices for setting up HTTPS:https://support.google.com/webmasters/answer/6073543
- Plan out your course of action for switching to HTTPS. Consider best practices such as:
- Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
- Use 2048-bit key certificates
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.
- Verify your HTTPS site in Google Webmaster Tools as a separate site
- If you are already set up as HTTPS, test the security level and configuration with theQualys Lab tool