Your Website Security Can Now Affect Google Search Rankings

By Shan Balasuriya Posted Date: 2014-09-09

Your Website Security Can Now Affect Google Search Rankings


Google, the technology and search engine giant, recently revealed in an official blog post that they will be starting to factor in security when determining search rankings for websites. Google will start to give a higher priority for websites that incorporate encryption and such secure websites can hence show up higher in search rankings. This makes https and website encryption another thing to consider when doing search engine optimization on your website. 

In the blog post, two Google webmaster trends analysts wrote “We’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure”. Google has even set up a specialized research team called ‘Project Zero’, this consist of a team of security researchers who are dedicated to making the internet a safer place.

Google has factored in HTTPS (also known as HTTP over transport layer security) as signal that the search algorithm considers when deciding on page ranks and what search results to show. In the blog post Google does say that they are only considering this as a minor signal within their algorithm and it carries less weight than other determining factors such as quality content. Although this may be the case at present, in the future they may strengthen the impact of having a security certificate and a secure website design overall. 

Google also says they have made the decision to factor in website security as they have seen positive results while testing this in their algorithm. They also state “For now it's only a very lightweight signal—affecting fewer than 1% of global queries”

Below are some of the tips provided for establishing encryption and a security certificate on your website:

  • Decide on the type of certificiate your website needs: single, multi-domain or wildcard.

  • Use 2048-bit key certificates

  • Don't block your HTTPS site from crawling using the robots.txt file.

  • Allow indexing of your pages by search engines where possible.

  • Use relative URLs for resources on the same secure domain, use protocol relative URLs for all the other domains.

The security level and configuration of your website can be checked using the Qualys Lab tool, a link provided by Google on their blog.