Google To Rank Sites With HTTPS Encryption Higher In Search Results

Google will use encryption as a ranking criteria in an effort to encourage more sites to adopt HTTPS

Websites using HTTPS encryption will be ranked more favourably by Google’s search algorithm as part of a campaign that aims to motivate webmasters to make their sites more secure.

Google uses HTTPS for its search, Gmail and Drive services, but wants others to do the same. It says the increasing number of websites using HTTPS over Transport Layer Security (TLS) is encouraging, but feels that by using encryption as a ranking criteria, more will follow suit.

“Over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms,” say Google’s Zineb Ait Bahajji and Gary Illyes. “We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.”

Google HTTPS

https top“For now it’s only a very lightweight signal—affecting fewer than 1 percent of global queries, and carrying less weight than other signals such as high-quality content—while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.”

To help websites take the plunge, Google has published some advice. It says webmasters should decide on the kind of certificate they need (single, multi-domain or wildcard), use 2048-bit key certificates, use relative URLs for resources that reside on the same secure domain and protocol relative URLs for all other domains.

It also suggests that the indexing of web pages by search engines should be allowed wherever possible and that HTTPS sites should not be blocked from crawling using robots.txt.

Google has been redirecting users to an HTTPS version of its search engine since 2011 and has used SSL for Gmail since January 2010 after learning Gmail had been hacked in China. All incoming and outgoing Gmail messages are now encrypted using HTTPS connections to better protect users from interception by attackers or spying.

Are you a Google expert? Take our quiz!