When visiting a website and you notice that it has the prefix ‘https’ as opposed to ‘http’, of if your browser’s address bar displays a padlock symbol, you are accessing a website that is using an SSL certificate. SSL certificates have long been used by websites processing sensitive information to encrypt the connections between themselves and their visitor’s computers. In light of the widespread web surveillance that has been revealed by Edward Snowden, we have seen widespread uptake in the use of SSL certificates as a way of encrypting all connections and to protect end-users further from potential cyber criminals. Webmasters will soon have another reason for the general use of SSL certificates on their websites however, as Google is looking to update its algorithms in order to give preference in search results to websites that are using a HTTPS connection as opposed to an HTTP connection.
Google notes that the importance of HTTPS in a website’s overall ranking is fairly low at this moment in time, but as the focus on security is ever-increasing the search giant hasn’t ruled out increasing the relevancy of it in relation to security fears. With security fears being at the very forefront of the public’s imagination, I wouldn’t be surprised if we saw the other major search engines such as Bing and Yahoo following suit; the goal of search engine algorithms is to deliver results that are valid and relevant, so to put users’ security fears to rest it only makes sense that they embrace promoting sites that rely on SSL certificates. As an aid for webmasters, Google has recommended the following tips:
- Be sure to choose the correct certificate for your needs – single, multi-domain, or wildcard
- Use 2048-bit key certificates – the strongest offered by most providers
- Use protocol relevant URLs for all other domains
- Let your HTTPS website be crawled by the search engines and don’t block it in robots.txt
- Try and prevent use of the ‘noindex’ robots meta tag
While there may be SEO benefits related to installing an SSL certificate for general use, there can be some drawbacks for webmasters of using SSL certificates. Firstly, depending on the strength of the certificate required to protect your website, the cost of implementing it can vary greatly; there are low cost single domain certificates that can provide a very basic level of protection, right up to expensive ‘wildcard’ certificates that can be used under any subdomain of a particular domain. Secondly, SSL certificates can put an additional load on the server with each request that is serviced; the server has to put in the additional work needed to encrypt all the data before it is sent to the client computer, and so this is going to require extra CPU power.
by Joshua Hold