How To Secure Your Site For Google’s HTTPS Algorithm: #SMX New York 2014, Day 3!

Oct 3, 2014 | 1,521 views | by Navneet Kaushal
VN:F [1.9.20_1166]
Rating: 5.0/5 (3 votes cast)

Google had announced the HTTPS ranking rise in August and now speakers at this session will provide information about how to switch your site to HTTPS and get good rankings from Google. The panel of speakers also discussed tools and tests to verify if the site is secure with HTTPS.


  • Barry Schwartz – News Editor, Search Engine Land, RustyBrick (@rustybrick)

Q&A Coordinator:

  • Matt Storms – Independent Consultant, Independent Consultant (@matt_storms)


  • Gary Illyes – Webmaster Trends Analyst, Google (@methode)
  • Raza Zaidi – VP of Product & Technology, Gigaom (@rzaidi)
  • Eric Enge – CEO, Stone Temple Consulting (@stonetemple) (Q&A Speaker)

Gary started the session by talking about how one can move to site security and Google's ideas about secure search. Raza emphasized on how to weigh in on RSS and sites like WordPress with respect to secure search. Eric went on to discuss how secure search is not so different. All three speakers discussed points in the context of Google's higher ranking for HTTPS sites.

Insights from Google Straight Up

Gary shouldered the complete responsibility for the ranking boost of HTTPS sites, saying that one can “blame me for the HTTPS rankings boost.”

He then went on to discuss this new move in the context of respected psychologist and thinker Abraham Maslow who proposed the hierarchy of needs.

Maslow's Hierarchy of Needs

Humans have fundamental needs and Gary cited how Maslow actually made a hierarchy of these needs which comprised self-actualization at its apex:

  • Self Actualization
  • Esteem
  • Love and Belongingness Needs
  • Safety and Security Needs
  • Physiological Needs

What Gary emphasized through the needs hierarchy is the primeval and everlasting need for security. In this context, he indicated that HTTPS websites score over their non-HTTPS counterparts.

Social Media Rewards HTTPS

Gary spoke of how HTTPS sites are rewarded by both Twitter and Facebook. Twitter uses HTTPS for all its users by default as does Facebook, cited Gary.

Why Google Prefers HTTPS

Google questioned and discussed the rankings boost for HTTPS sites in depth, says Gary. He also talked about how as a ranking signal, HTTPS affects less than 1% of all the queries and searches. HTTPS is a lightweight symbol as relevance and top quality content are more vital and stronger signals, he said.

Migration to HTTPS

Gary cited how many companies had moved to the HTTPS/ SSL mode such as:

  • Search Engine Roundtable: HTTPS
  • CloudFare: SSL

HTTPS Must Rise In Numbers

Currently, Gary said less than 10% of discovered URLs were HTTPS and this should hit 100% soon. Gary spoke of how “30% of the queries have at least one HTTPS in the results. I want this to increase.”

Webmasters Vs HTTPS

Gary made a point by point comparison of the common objections to HTTPS by webmasters and what Google and pro HTTPS camps had to say about this. The points he chiefly discussed were:


  • HTTPS slows things down
  • It's not worth the effort
  • It's difficult


When it comes to these objections, Gary had counterpoints for each of them, specifically:

  • Google is concerned about speed. Gary even said “We are obsessed with speed. We care about every single millisecond.” Secure searches are equally high in speed, he asserts.
  • Security is a basic human need and even if you are a blog or a news site, Gary's take is that if humans have a basic need for security, how can you possibly say it’s not worth it? It’s a basic need.
  • For naysayers who feel switching to HTTPS is too tough and complicated, Gary pointed out how someone with a degree in journalism managed to switch the site in just 4 hours and anyone (or their hosting company) can do this.

Google's Moonshot Thinking

Gary asserts that “We need to think big – we need to implement moonshot thinking. We want to brave things and things that no one has dared to do before.”

Brainstorming with Google

Gary asked if a person going to shop online would go through the checkout process on HTTP. He further asks, “Would you give your login credentials to a page that’s not secure? I wouldn’t. A broken certificate means no certificate at all – we might want to start pointing out to our users if they are going to an insecure page, on all browsers, not just Chrome. This is something we’re thinking about.”

Message from John

A message from John came via Gary and it upheld the importance of secure search and HTTPS sites. Specifically, John said “We heard reports that after switching to HTTPS some people’s rankings dropped. We are actively looking into these reports. We don’t see any correlation to migration. HTTPS should be very transparent and not painful at all. For some people it worked brilliantly and I know that for most sites, it has to work because our index will just handle it well.”

For WordPress Users and RSS

WordPress and HTTPS

Raza spoke of how the change can be made to HTTPS for WordPress Users, specifically through the VIPS implementation of HTTPS which uses the SNI or Server Name Indication/SNI.

  • He cautions that this is not supported on Windows XP and older versions of Internet Explorer (IE)
  • Moreover, Raza said warnings will be present to users leading in lost traffic.
  • WordPress can also support HTTP strict Transport Security/HSTS in this context. As this degrades gracefully, there are less chances of traffic loss.

One final point in this context made by Raza is that the WordPress plugin can be used to forward traffic from HTTP (book mark, previous links etc.) to HTTPS.

RSS Readers And HTTPS

Raza mentioned that users who have been historically opting for RSS would have subscribed to the HTP version. He said this would be a problem as the feeds will be broken and the users will have to re-subscribe via manual means to get the feeds.

So, Raza advised placing FAQs in a prominent and distinct position as RSS users can then see this.

HTTPS as a Ranking Factor: Reality Bytes From Stone Temple Consulting

Eric discussed how Stone Temple Consulting changed its own site and tracked URLs while checking the date the HTTPS switched over in terns if Google.

He reiterated that the results emphatically displayed there was no material change as:

Of 12 indexed pages,

  • 6 had improved their rankings,
  • While 1 showed no change,
  • And 5 were actually worse off.

SEO Clarity Study

Data from the SEO Clarity research conducted on HTTPS looked at 218 million sites including the popular GoDaddy. They found that there was no material change either, Eric said.

SSL Certificate By Default

  • Eric also said Digicert have Stone Temple Consulting an extended validation SSL certificate by default which is a massive and more stringent level of validation.
  • The delay in the HTTPS switch was flagged by SSL Guru as a problem.

Eric concluded the session with this parting fact.

How To Secure Your Site For Google’s HTTPS Algorithm: #SMX New York 2014, Day 3!, 5.0 out of 5 based on 3 ratings
1.thumbnail How To Secure Your Site For Google’s HTTPS Algorithm: #SMX New York 2014, Day 3!
Navneet Kaushal is the founder and CEO of PageTraffic, an SEO Agency in India with offices in Chicago, Mumbai and London. A leading search strategist, Navneet helps clients maintain an edge in search engines and the online media. Navneet's expertise has established PageTraffic as one of the most awarded and successful search marketing agencies.
1.thumbnail How To Secure Your Site For Google’s HTTPS Algorithm: #SMX New York 2014, Day 3!
1.thumbnail How To Secure Your Site For Google’s HTTPS Algorithm: #SMX New York 2014, Day 3!