Google just announced it will boost the ranking of sites that use secure and encrypted connections. This is part of Google's efforts to push "HTTPS everywhere" on the web.
Google described that the Security is a top priority for Google. Invest a lot in making sure that their services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Drive, for example, automatically have a secure connection to Google.
Also beyond own stuff of Gogle, they are also working to make the Internet safer more broadly. Google want to go even further. At I/O a few months ago, called for "HTTPS everywhere" on the web.
Also seen more and more webmasters adopting HTTPS (also known as HTTP over TLS, or Transport Layer Security), on their website, which is encouraging.
How to go for HTTPS ?
In the coming weeks, Google will publish detailed best practices to make TLS adoption easier, and to avoid common mistakes. Here are some basic tips to get started:
- Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
- Use 2048-bit key certificates
- Use relative URLs for resources that reside on the same secure domain
- Use protocol relative URLs for all other domains
- Check out our Site move article for more guidelines on how to change your website’s address
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag
If your existing website is already serving on HTTPS, you can test it's security level and configuration with the Qualys Lab tool from Here.
We hope to see more websites using HTTPS in the future. Let's all make the web more secure!