Over the past year or so, Google has been making a push towards a more secure web.
The switched Google.com, Gmail, Youtube, and all of their other web properties over to HTTPS.
If you aren’t familiar with what that looks like, here’s an example:
The green lock icon and the ‘s’ after ‘http’ indicate that this website has an SSL certificate installed on the domain.
SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser.
In other words, it creates a private experience between the user and the website, and will prevent eavesdropping, man-in-the-middle attacks, and data modification.
If your website does not offer this level of security, then it leaves itself open for certain vulnerabilities that can affect your website visitors.
If Google sends a person to your website through a Google search and your website ends up infecting that user, then Google has not provided a quality user experience. Therefore, it’s in their best interest to send people to secure websites over insecure websites to keep users safe and coming back to use Google so they can continue to build their user base and make billions off of our advertising dollars.
So, if you were wondering why Google cares about your website security, now you know.
In August of 2014, Google made an official announcement that they would start giving ranking preference to websites with HTTPS over HTTP. At the time, the update only affected a very small portion of websites, but that has grown over time, and will continue to do so.
This past Thursday, Google made a follow-up announcement.
Starting now, Google is adjusting their indexing system to look for mroe HTTPS pages. Specifically, they will start crawling HTTPS equivalents of HTTP pages, even with the HTTPS pags are not linked to from any page.
All of this may sound complicated but it really means 2 things:
- If you are building a new website, it is an absolutely must to build it with HTTPS
- If you have an existing website, you should really start to consider implementing the security certificate on your site
Switching from HTTP to HTTPS is fairly easy, but it’s also easy to make a mistake and mess everything up.
You can’t just install the certificate and call it a day – you must set up proper 301 redirects and make a few other technical modifications to ensure you don’t slip in rankings.
Here is my favorite SSL provider: https://www.cloudflare.com/
But you can also get them from almost any domain registrar or hosting company like GoDaddy, Hostgator, etc.
To read the entire post from Google, click here.