Jun 11, 2022

Get a ranking boost on Google with HTTPS on your website

Comparing a website of a finance company in Adelaide that doesn't use HTTPS with the website by Sanico Software that does use a secure HTTPS connection.
A comparison of an insecure HTTPS website of a finance company based in Adelaide to the Sanico Software website which uses a secure HTTPS connection.

Website Tip #3: You might not know it but using HTTPS (Hypertext Transfer Protocol Secure) on your website is actually a page experience factor Google uses to rank a website. Many people think black magic, voodoo or casting spells helps a website rank better on Google, when in reality Google publishes a wide range of informative documentation to help websites rank better. Many misconceptions exist and people chase unusual tactics to rank better while they miss basic factors such as HTTPS.

What is HTTPS and why use it on a website?

HTTPS is a protocol that provides a safe and encrypted method for a website and its client to communicate with each other securely. With the rise of hacking, data theft and cyber attacks on the internet HTTPS was created as a method to enforce encryption, increase data integrity and authenticate communications between a website and its clients. It is something that every website should be using both to protect themselves, their users and to additionally receive a ranking boost on Google. I won’t explain HTTPS in technical detail but for those interested check out this Wikipedia article which discusses HTTPS in more detail.

Many negative consequences exist for websites that fail to use HTTPS for there communications, such as:

  • Google ranks websites lower that don’t use HTTPS as they want to navigate clients to websites that provide a higher level of security.
  • Hackers perform a man-in-the-middle attack and change the information of the website before it arrives to an end user. For example, they change the price of a product from $10 to $100.
  • Hackers steal personal information as it transits between a website and a client due to a lack of data encryption.
  • Website browsers ban a website that fails to use HTTPS from utilising basic features such as caching, which degrades other ranking factors such as performance.
  • Clients lose trust and integrity in a businesses website as their website browser on their device clearly notifies them if a website fails to use HTTPS with an insecure symbol, as seen in Figure 1.

A screenshot taken in 2022 of a Google Chrome browser with an insecure HTTPS warning for the website of a finance company in Adelaide. Figure 1: A screenshot taken in 2022 of a Google Chrome browser with an insecure HTTPS warning for the website of a finance company in Adelaide. I blanked out the company for privacy reasons.

Many more negative factors exist for a website that fails to use HTTPS but the ones provided help to paint a clear picture of the situation. To use HTTPS helps to lower security concerns of a website.

Businesses want clients to feel safe when they browse their products in a physical store and a website is much the same. For example, say I walk into a local sports store like Rebel Sport in Australia, I want to feel safe as I browse for products to buy. If I walked into the store and it was dark, there were shady characters everywhere and people were screaming hysterically, I probably would look for another sports store to shop in. This example extends to websites, if a website isn’t safe then clients might not want to enter.

Without HTTPS a business provides a lower level of trust, security and safety to those that enter the website, hence why Google gives a ranking boost to websites that do use HTTPS. HTTPS is by no means a silver bullet to fix all security problems but it definitely adds an extra layer of security.

I hear of many malpractices that so called “SEO specialists” use to trick businesses to rank higher on Google in my hometown of Adelaide, South Australia. These malpractices usually do the opposite and rank a website lower, a very sad and bitter hypocrisy. Instead, they miss basic and well known advice such as HTTPS gives a website a ranking boost, as stated by Google in their SEO documentation on Search Central.

I want to pause for a moment and say to anyone reading this article, if someone promises to rank your website on the first page of Google, run away, far far away. Google in their SEO documentation gives this advice themselves and with good reason, no one can guarantee 1st place on Google, not even Google itself.

Many of the people who promise these sorts of things use malpractices that may, in the rarest case, temporarily boost rankings but if caught by Google will lead to significant punishment and possibly complete deranking through a manual action. Google wants to direct users to quality and safe websites, not fraudulent, misleading or unsafe websites.

How can I check if my website is secure?

You can easily check if a website is secure. On nearly all modern website browsers such as Google Chrome, Safari, Firefox and others, a lock will appear to inform a user that the website uses a secure HTTPS connection. In the case that the website fails to use a HTTPS connection a warning symbol, large X or broken lock symbol will appear. See Figure 2 to see the difference between a secure HTTPS connection and an unsecure connection in Google Chrome and Firefox.

Comparing the difference between insecure and secure HTTPS websites in both Google Chrome and Firefox Figure 2: Comparing the difference between insecure and secure HTTPS websites in both Google Chrome and Firefox.

Another way to check if a website fails to use HTTPS is to navigate to the website address in a website browser, click the address bar and see if it says “http” instead of “https”. If you see “https” it mean it’s a secure address, if you see “http” it means it is an insecure address. Figure 3 shows the difference between an insecure and secure website address in the address bar of a Firefox website browser.

Comparing a HTTP website address with a HTTPS website address in a Firefox website browser session. Figure 3: Comparing the difference between an insecure and a secure website address in a Firefox website browser.

Conclusion

Many people might read this article and assume that most websites use HTTPS these days and that this tip is obsolete. This is definitely not true, I literally just sent out a quote to a local finance company in Adelaide this week that fails to use HTTPS and they are far from an edge case.

A main job of mine is to redesign peoples websites in Adelaide and I notice that many websites in Adelaide fail to use HTTPS. Many businesses are unaware of problems like this or if they do know they don’t see the importance, which is probably why they rank lower in Google while businesses that do care or are aware rank higher. It’s the circle of life.

If a website wants to rank higher on Google then getting basic page experience factors such as HTTPS is an excellent start but an even more important reason is to protect clients and provide a safer browsing experience for everyone.