You may already be aware that Google sent enormous waves around the SEO world yesterday with their announcement that HTTPS is to be considered a ranking signal:
There’s a lot of speculation on the impact and significance of this, so rather than you having to wade through the details, here’s my take on the matter.
Don’t panic.
There is nothing that has to be done immediately. No-one is going to be penalised for not having SSL.
The current impact is minimal.
In Google’s words “For now it’s only a very lightweight signal—affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content—while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.“
Google have also said that they will provide detailed best practices over the coming weeks. I’ll let you know when they are published. For now they give this advice:
– Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
– Use 2048-bit key certificates
– Use relative URLs for resources that reside on the same secure domain
– Use protocol relative URLs for all other domains
– Check out our Site move article for more guidelines on how to change your website’s address
– Don’t block your HTTPS site from crawling using robots.txt
– Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag
There’s also some useful advice here.
The bottom line is that it will probably be a good idea to make the move over to HTTPS at some point, but there’s no need to drop everything and start implementing this today.
In the interest of learning more on the practicalities that are involved, we’re currently in the process of moving our own website over to SSL. Watch this space.
In the meantime if you have any questions on this, please don’t hesitate to send them my way.
PS: Don’t you love the fact that Google’s blog post isn’t on a secure server?