Oh, boy! Google officially announced HTTPS as a ranking signal. Now, all the SEO busy-bee’s are buzzing around writing blog posts about all the implications of this announcement, so I figured I’d add my thoughts to the mix. The fact of the matter is that – as of today – we don’t have many details. In the next week, I imagine we will find out much more about this announcement and its impending impacts on strategic SEO.
Matt Cutts talked about this at SMX Advanced in Seattle back in June during the You&A session with Danny Sullivan. Of course, at the time HTTPS was not a ranking signal and provided no extra ranking boost. Ironically, he said that the Google algo used to give HTTP sites a boost over HTTPS sites for a while, but that is no longer the case. I found the 2 minutes he talked about HTTP/HTTPS back in June at SMX Advanced in the video from that panel. Watch it here or below (jump ahead to the 34m 40sec):
At the same conference, Google’s Maile Ohye also talked about HTTPS during a different panel. She kept referring to it as TLS, which stands for ‘Transport Layer Security ‘(I had to look that up!). She pretty much said directly that every site should move to HTTPS because that is the way the web is going. Google is going to eventually show preference to sites that are all about integrity, authentication, and encryption. She also gave some specific recommendations, and I took some notes on those:
- Google WMT has support for HTTPS. She mentioned how WMT support for HTTPS was a mess just a few years ago, but now you can specify HTTPS in WMT. (On a side note, the article on SELand talked about monitoring the HTTP->HTTPS migration in WMT).
- Redirect all HTTP to HTTPS, and don’t forget to change all absolute URLs to HTTPS in the code.
- Be sure to update all rel-canonical tags to HTTPS.
- It really sounded like she was encouraging everyone to take the first boat off the HTTP island and head for the promised land of HTTPS.
One thing that nobody is talking about: the trade-off between site speed and site security. Increasing PageSpeed/SiteSpeed and Site Security at the same time can be very difficult challenge, because increased security – such as HTTPS – tends to cause load times to increase. As noted in the article, the HTTPS ranking boost is “affecting fewer than 1% of global queries.” I’m sure that % will rise in the coming months, but I think we are still in a time where site speed is a much more critical ranking factor.
“Sorry folks, HTTPS only. The moose out front shoulda told ya.” – Lasky
From conversations with other SEOs, it has also come up how much users care about pagespeed vs security. What is the perception of the user from a UX perspective? Do they value a site that is secure more than a site that loads faster? It’s an interesting question, and I haven’t heard any UX experts weighing in on that issue. I’m going to take a wild guess and say that it probably depends on the site. If I’m visiting a site to complete an ecommerce transaction, I absolutely care more about the site’s security than its speed. If I’m visiting a blog or news site, security means very little to me, while pagespeed means a lot!
At the end of the day, it’s not time to freak out about not being HTTPS, but it is time to start the conversation. As with most SEO strategies these days, this conversation will need to involve several different teams: Dev, SEO, Marketing, UX, etc… Just be sure to bring up the fact that you want to move your site to HTTPS while keeping pagespeed times consistent.