On the 6th of August, Google announced on their Webmaster Central Blog that as of this month, having an SSL certificate (effectively encrypting your URLs and adding the HTTPS protocol to them (rather than the standard HTTP) will be a ranking factor.
It’s a very minor factor right now. In fact, Google estimates that it will effect only 1% of searches. But they’re also planning on making it stronger over time.
Well, Google has always said that they’re focused on security. They’ve been pushing for “HTTPS Everywhere” for some time now, and they say that they’ve had positive results in their tests.
From one point of view, I can see where they’re going with this. An SSL certificate requires an investment in your site. There’s the annual fee, there’s setting it up, there’s configuring your site to use it. It tells Google that your site is not going to disappear overnight. It provides another form of identity that can be used as one (of the many) factors that helps Google determine whether a site is trustworthy or not.
Of course, if you’re using any sort of ecommerce functionality, and collecting data (like patyment details) from people online, then you have to use a secure transfer protocol.
If you’re not though, I personally don’t see too muchj benefit, beyond that confirmation of identity that Google is so focused on these days. (For valid reasons I will admit.)
Luckily, right now this is a very minor factor. If your site has plenty of strong, positive factors, whether or not you have HTTPS shouldn’t really matter right now.
Of course there is probably going to be a mad scramble as people demand to have their sites converted because Google has said it’s a ranking factor, but right now, you’d do better making sure that all your other onsite (and off-site) signals are up to scratch.
However, Google has said that they may decide to strengthen this factor over time. If they do, it might be important one day to implement HTTPS, and you’ll need to remember this:
If you have a site at http://www.example.com, and you convert it to https://www.example.com, you effectively have two versions of a page. An HTTP version, and an HTTPS version. This can easily create duplicate content issues for example.
If you do implement an SSL certificate on your site, remember that it will also require redirecting all of your existing pages to the secure version of those pages. You also might want to set up canonical tags pointing to the secure version of each page. (Oh, and you might lose thinks like pre-existing shares or likes or +1’s.)
What Should You Do?
Right now, nothing. At a 1% affect rate, this isn’t something to start worrying about, especially if you have bigger SEO problems on your site. The time, effort and money spent on implementing HTTPS will be better spent (right now) on working on stronger ranking signals. If it ever becomes a really important ranking signal, then it might be worth it.
But until it does, there are more important things to focus on for your SEO.