Google keeps security as its top priority. A lot is invested to ensure that the services use industry-leading security such as by strong HTTPS encryption. The people who use Gmail, Search, and Google Drive, etc. form a secure connection with Google, automatically.
Besides making Google and its things safe, it is also working on a broader level to make the internet safe. A large part of it involves ensuring that the websites that are accessed by people from Google are secure for them. Resources have been created to help webmasters in preventing and fixing the security breaches on their websites. Google aims to go further than this so a few months ago at Google I/O, they called for an ‘HTTPS everywhere’ all over the web.
Many webmasters are now adopting HTTPS (HTTP over Transport Layer Security) on their websites. This is very encouraging.
These are the reasons, due to which tests have been taken. It is to know whether the sites are taking into consideration the sites that use secure and encrypted connections as a signal in the search ranking algorithms. Positive results have been seen due to which Google has started using HTTPS as ranking signals. Nowadays, it is a fairly lightweight signal that affects less than 1% of global queries and carries lesser weight than any other signal like high-quality content while time is being given to webmasters to switch to HTTPS. In the near future, Google is deciding to strengthen it because it would encourage all website owners to switch to HTTPS from HTTP as it will keep them safer on the web.
Tips to get started
In a few weeks, Google will publish a detailed best practice in order to make TLS adoption easy. This will also be done to address common mistakes so that they can be avoided. As this is new so people might be confused about where to start from and where to end. Some basic tips to get started are given below:
- Start by deciding the kind of certificate that you need. It may be a single, multi-domain, or wildcard certificate
- Using 2048-bit key certificates is encouraged
- Using relative URLs for resources that occupy the same secure domain is also encouraged
- Do not block your HTTPS site from crawling by using robots.txt
- Using protocol relative URLs for other domains is important
- Avoid the no index robots Meta tag and allow indexing of your pages by search engines where possible on your website
- Checking out the Site move article for further guidelines on how can the website’s address be changed is advised to get more information
In case your website is already on HTTPS, then you can use the Qualys Lab tool to check its security level and configuration. Look for ‘Is TLS fast yet?’ if you want to know about the TLS and the website’s performance. If there are questions regarding this topic, post them in the Webmaster Help Forums on Google. To make the web secure, all sites should be using HTTPS.