![]() |
Credit: Annette Shaff/Shutterstock |
Need another reason to improve your website's security? If you have yet to use a secure HTTPS connection for your website, customers may soon have a harder time finding your business online.
In an effort to make the Web a safer place and to ensure that websites accessed from Google don't put visitors at risk, Google recently announced that it will now start using a website's security to determine its ranking on search results. In addition to preventing and fixing security breaches, this change will require businesses to start using a secure, encrypted HTTPS, or Transport Security Layer (TLS), connection on their websites.
The search giant is a big proponent of online security, and advocates for an "HTTPS everywhere" movement across the Web. All of its services — from search to Gmail and Google Drive — automatically use HTTPS to establish a secure connection between users and Google's platforms. This is a move the company hopes other websites will emulate.
HTTPS-based search rankings have been in the works for the past few months in Google's test labs. Although the change will currently only affect less than 1 percent of global searches (high-quality content still trumps all other factors), the company states that it is just giving webmasters an opportunity to switch to HTTPS. In the future, using security as part of search algorithms to determine rankings may play a larger role. Business websites are increasingly adopting HTTPS, and following their lead may give your business an edge when that time comes.
To improve your website's security, Google recommends the following action plan:
- Figure out which type of security certificate your website needs (single, multi-domain or wildcard).
- Use 2048-bit key certificates.
- Allow Google to index and crawl HTTPS sites using robots.txt.
- Differentiate between relative URLs for secure domains and protocol relative URLs for other domains.
- If you're changing your website's address, consult Google's site move best practices.
- Check out Google's webmaster cybersecurity guide
Already using HTTPS? Google suggests testing your website. First, test its security level and configuration with the Qualys Lab tool, and then performance with IsTLSFastYet.com.
For additional support, businesses can post questions at Google's Webmaster Help Forums. Google will also soon publish a security best practices guide to help webmasters understand and adapt to the security algorithm change.
No comments:
Post a Comment