search-engine-marketing

Posted on
August 8th, 2014

Google’s reward to secure websites – HTTPS encryption for better ranking

Google is now encouraging all webmasters to implement HTTPS encryption across whole websites, in order to reduce or prevent hacking.

HTTPS stands for Hypertext Transfer Protocol Secure and means that anything sent through this protocol is considered to be secure. The protocol provides an extra layer of protection and help to prevent hacking attempts on a website.

The change in stance follows the ‘Heartbleed’ security bug which was discovered in April 2014 by Neel Mehta – one of Google’s own security team.  Heartbleed provided a back-door for hackers to exploit the HTTPS element of a website to gain access to private information about the website’s users.

An emergency team at Google was assembled to fix the bug and in March 2014, it was announced that Heartbleed had been removed. However the scope of the breach and the damage that it caused called for stronger security measures across the internet.

David Drummond, Google’s chief legal officer, has previously said the US needed to change its approach to intelligence to restore trust in the internet.

As the largest search engine in the world, Google announced that it would now be encrypting their search engine as well as their Gmail platform by default, providing them a way to test out HTTPS’s potential on their own products before rolling it out fully across their network.

In the past few months, Google has been testing out a new algorithm which will give secure HTTPS sites a boost in the SERPs.  With positive results, Google have decided to roll this change out across their whole network.  This means that sites which provide a HTTPS connection to their users will have an advantage on the search engine to those who do not.

Whilst this is not currently a major ranking signal, (affecting approximately 1% of search queries) Google have indicated HTTPs security will have increased importance over the next few years.

Some webmasters have shunned this move as being a way to create more revenue for online giants.  Some have even been sceptical of the actual need for full SSL encryption across a whole web site, or even the internet.

Google are rolling out the change slowly, allowing time for webmasters to switch over to HTTPS.

< Back to Blog