Is HTTPS a Ranking Factor in Google?

Is HTTPS a Ranking Factor?When you visit a website, you are opening a channel between your computer and a web server somewhere for the exchange of information. This connection may or may not be secure, and a connection that isn’t secure can mean the information being exchanged is being viewed by a third party.

The difference in a secure connection and one that isn’t involves encryption. You’ll see the difference immediately in the address bar at the top of your browser: HTTP or HTTPS.

https in url bar of browser

The Difference Between HTTP and HTTPS

HTTP is an acronym for HyperText Transfer Protocol, which is the protocol that allows you to communicate with websites. HTTPS stands for HyperText Transfer Protocol Secure, meaning that the information exchanged between you and a website is encrypted – protecting information such as credit card numbers, passwords, social security numbers, and other personal information.

When you think about it, why wouldn’t you want a site to use HTTPS?

How HTTPS Improves Your Ranking in Google

Google has long used HTTPS for their own properties, such as Search, Gmail, and Google Drive, to provide users a connection that is secure by default. But it’s not enough just to use HTTPS for their own services; Google also wants to make sure that the websites people access from their services are secure.

Last year, Google began testing sites for HTTPS, using it as a signal in search ranking algorithms. Encouraged by the results of these tests, Google has begun to use HTTPS as a ranking signal. This ranking factor is decidedly lightweight right now – Google states that it accounts for fewer than 1% of global queries and it carries less weight than other signals such as high-quality content – but is likely to gain importance as time goes on. Switching from HTTP to HTTPS makes the web safer for everyone, and a safer web is something that Google is actively encouraging.

HTTPS as a Google Ranking Factor

The factors that Google considers are in some cases a mystery, so when they make a statement about something they consider important, webmasters need to pay attention. Establishing a safer web for everyone is one of Google’s goals, and adopting HTTPS for websites is one way to accomplish this goal. Google is holding off on making security a larger part of the ranking signals it uses in order to give webmasters time to switch their sites from HTTP to HTTPS. As a starting point, they offer these tips:

  • Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
  • Use 2048-bit key certificates
  • Use protocol relative URLs for all other domains
  • Don’t block your HTTPS site from crawling using robots.txt
  • Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.
  • Review Google’s site move article for more guidelines on how to change your website’s address

If your website already uses HTTPS, you can test its security and configuration with the Qualys lab tool.

A more secure web browsing experience benefits everyone, and Google has seen fit to call attention to the use of secure protocol in the exchange of information between a user and a website. By making HTTPS a ranking signal, Google is firmly establishing security as an increasingly important factor in search rankings. If your website isn’t using HTTPS, make it a priority – while Google hasn’t stated exactly when security will become a larger consideration in ranking, this is one area in which you will want to be ahead of the curve.

In fact, we too believe in this philosophy and has been completely HTTPS since early 2014.