Google just told us a secret.
Google keeps its ranking algorithm secret. It’s trying to make it harder for search engine optimizers to game the system. That’s a good thing for those of us who rely on Google as our search engine of choice.
Sometimes, however, Google comes right out and reveals some part of the secret.
That’s what it did on Wednesday.
Google told us something important about how it ranks sites. It revealed it is now using “HTTPS as a ranking signal.”
That means Google’s going to factor the security of your website into its ranking system. If your site is using HTTPS (Hypertext Transfer Protocol Secure), then you’ll get a boost in the rankings.
Google is starting off slow with this signal and using it to influence results in a fairly minor way. However, Google has indicated that it will become more significant with time.
It’s now important for you to secure your site.
Q & A
Here are answers to some common questions:
What’s HTTPS?
You’ll note the little lock in the browser address bar here on Divorce Discourse. That lock reveals that this site is using HTTPS, which provides secure communication over a network.
In a nutshell, using HTTPS gives the browser a way to confirm that the content is coming from the domain it says it is. An insecure site makes it possible for hackers to send data to your computer that looks like it’s coming from a particular domain but that is actually coming from somewhere else. Using HTTPS prevents this from happening.
How do you set up HTTPS on your site?
This is best left to your hosting tech support provider. It can purchase a security certificate and will ask you a few questions (business name, state of incorporation, etc.). It can then force the site to use SSL using a few different methods: some perform this on the server level (best) by telling the web hosting software to do it, while others can do it on the page level itself.
Is it different on each type of site?
Yes, each type of server and each type of software require particular configuration. You’ll need to consult with your provider. As an illustration, here are the instructions provided by WordPress. You’ll also find some good info on HTTPS from Yoast. He provides basics for getting started with SSL on WordPress sites along with more in-depth server info.
Is this difficult?
The biggest problem you’ll encounter after your host is forcing HTTPS is that you’ll sometimes get the broken lock icon or warning icon in the URL bar. This is usually caused by certain resources not being served over the secure layer. For a big WordPress site, some plugins, image files, CSS files, etc. can cause this problem. You can use a tool like Why No Padlock? to figure out which files aren’t being served securely and determine what plugins need to be upgraded or replaced.
It’s time to upgrade the security of your site. It’ll help you with Google now and even more down the road, plus it’ll make the world a safer place for computing.