HTTPS Secure Websites Help Trust and Search Engine Rankings

httpsecure

Back in 2013, Google quietly moved to secure search, passing less keyword referral data to website owners. Now, Google is officially recommending that website owners move their websites from http to https, making their websites secure. If Google can trust your site more, know that it is secure and you’re the one who posted content on it, then your site could rank higher. Google is “starting to use HTTPS as a ranking signal.”

Because of Google’s official stance on https and their calling for “for HTTPS everywhere on the web”, starting today, we are recommending that our clients begin moving their websites from http to https. We realize that this, in many circumstances, is a big undertaking, will have an additional cost, and will take some time to complete. However, over the long run, will be beneficial not just because it could increase your website’s search engine rankings.

move-site-http-https-450width

Even if you do not sell products and services directly on your website, your website should be secure and use https rather than http. John Mueller, from Google, had this to say about why all websites should use https, even if you’re not selling products on your site:

Some webmasters say they have “just a content site”, like a blog, and that doesn’t need to be secured. That misses out two immediate benefits you get as a site owner:

1. Data integrity: only by serving securely can you guarantee that someone is not altering how your content is received by your users. How many times have you accessed a site on an open network or from a hotel and got unexpected ads? This is a very visible manifestation of the issue, but it can be much more subtle.

2. Authentication: How can users trust that the site is really the one it says it is? Imagine you’re a content site that gives financial or medical advice. If I operated such a site, I’d really want to tell my readers that the advice they’re reading is genuinely mine and not someone else pretending to be me.

On top of these, your users get obvious (and not-so-obvious) benefits. Myself and fellow Googler and HNer Ilya Grigorik did a talk at Google I/O a few weeks ago that talks about these and a lot more in great detail: Google I/O 2014 – HTTPS Everywhere

Even though your website is merely a “content website”, the trust that is given when your website is valuable. While Google has been using Google Authorship to convey some trust factors, overall I believe that we all should secure our websites; and Google, like a lot of us, want to see more trusted, secure websites. It’s just better for the entire web community as a whole to have secure websites.

I can personally tell you that as someone who has worked a lot to clean up link profiles of websites, I see quite a few hacked websites with links embedded by someone other than the site owner. By making your website secure and using https, it will be that more difficult for someone to hack into your website.

geotrust-certificate-https

The Cost of a Secure Website
The cost of a secure certificate for your website can cost as little as $89.95 for two years. Dotster is currently offering secure certificates through Geotrust for $89.95 for two years. Godaddy offers certificates for $69.95 per year. I realize that this isn’t very cheap, but if you have an online business, then it’s imperative that you protect it–so moving your entire website to https from http is a good move. Now we have another reason to make this move, which is the potential for better search engine rankings in Google.

How much would it cost you if your website wasn’t secure and it got hacked or your website visitors started seeing rogue ads on your website? It could cost you business, and your site would be trusted less.

Google is offering a new support web page that explain site security and gives you the best practices when setting up HTTPS. In some cases, you may need to move to another web server, one that supports HSTS: “Use a web server that supports HTTP Strict Transport Security (HSTS) and make sure it’s enabled.

This mechanism tells the browser to automatically request pages using HTTPS even when the user enters http in the browser location bar. It also tells Google to serve secure URLs in the search results. All this minimizes the risk of serving unsecured content to your users.”

Bill Hartzer is Globe Runner’s Senior SEO Strategist. Follow him on Google Plus.