It isn’t often that Google tells us something that will directly affect site rankings. If they do, it’s often because they want to modify our behavior in a certain direction. We saw this tactic from Google when they first began talking about web performance a few years back, and later announced that site speed is in fact a ranking factor.
A similar motivation seems to be in play with their recent announcement that sites that use HTTPS encryption will get a small ranking boost. In fact the rollout of the HTTPS support is eerily similar to the buildup of site speed evangelism at Google, and even shares one of its main actors, Ilya Grigorik. Read the official announcement here.
Why is Google rewarding such sites? Whatever gives users a better and safer user experience after clicking a Google result ultimately benefits Google. It’s clear now, with Google suggesting that over half of all searches will take place on mobile devices by the end of this year, and understanding that one significant market growth area for Google is in regions that don’t yet have broadband internet, that this is a big part of the motivation for speed.
In a similar vein, in a time of increasing identity crimes and privacy challenges, issues likely to continue to grow in the coming Internet Of Things era, people will likely prefer Google Search if they feel they are being served well when they click a result there. Google realizes that having privacy and data protection is an important part of a good user experience.
Google says that for now the boost will be very small, affecting only 1% of all queries, and with less effect than important ranking factors such as links and content quality. But over time they say they may boost its ranking effect as they want to encourage all sites to adopt HTTPS security.
Resolving Some Questions
I think it’s a no-brainer that sites should adopt HTTPS as soon as they can, and we are going to recommend that our clients put this on their development radar. But I had a couple of questions to consider before making up my mind about such a switch.
HTTPS can affect site load speed, and as mentioned, Google has said that sites with slow loading times may get reduced rankings. How is Google resolving this potential dilemma?
Among other things, they’re throwing some serious evangelism at it, and doing so with some really smart people. Ilya Grigorik, who continues to lead a similar charge on the web performance front, has recently been quite visible on the topic of HTTPS performance. (See a few excellent resources listed below.)
The bottom line is that Google seems to say that properly implemented, HTTPS won’t cause a significant performance penalty. I doubt they would promote this so heavily if they felt that it seriously compromised their equally zealous effort to promote web performance.
2. Do you redirect http to https?
Yes, if you can. Put simply, http://www.example.com is different from https://www.example.com, and serving the same content on two different URLs is, of course, duplicate content.
Most of us have seen this problem on one site or another, and we approach the solution as we would with any other duplicate content problem. That is, if a 301 redirect is feasible and practical, we do that.
Alternatively, consider adding a canonical link element pointing from the HTTP version to the https version. Use this Google Webmaster Tools help page to guide you through the process. The wonderfully accessible John Mueller reaffirms this advice in this post, and answers some other questions. Take particular note of his comment about why “content only” sites (with no eCommerce) still benefit from encryption.
Here are some additional resources related to this that you might find useful:
Ilya Grigorik’s detailed discussion of TLS performance tuning
Google’s guidelines for site security
In a Google Webmaster Central Hangout, John Mueller answered some more question about the new ranking factor.
Ilya Grigorik and Pierre Far at Google I/O issuing Google’s call for “HTTPS Everywhere”: