A Broken SSL Certificate Will Hurt Your SEO
According to Google’s Gary Illyes, you shouldn’t ignore the HTTPS ranking signal, either.
Back in 2014, Google announced that HTTPS would become a ranking signal. In the five years since that announcement, the consensus seems to be that this signal has become less and less of an actual factor to the point that now it’s just a marketing claim.
Turns out that’s wrong.
According to Google’s Gary Illyes, a Webmaster Trends Analyst, the HTTPS ranking signal, “affects enough queries measurably that I wouldn’t ignore it.”
And it turns out that having a broken or expired SSL/TLS certificate can hurt your SEO, too.
So, today we’re going to discuss what Gary Illyes was talking about, what specifically matters with the HTTPS ranking signal, and why your SSL certificate needs to be trusted and valid for more reasons than just security.
Let’s hash it out.
SEO and the HTTPS Ranking Signal
Search Engine Optimization is a critical component of internet marketing. And when you’re talking about SEO, you’re really talking about ranking on Google. Google’s ubiquity in the Western World makes it the only search engine that’s really worth targeting. And most companies feel if they do it well for Google, it should do fine with the other search engines, too.
Unfortunately, Google is rather opaque about what exactly its ranking algorithms are factoring. That’s why the 2014 announcement about the HTTPS ranking signal was so remarkable.
But over the years, as more and more sites have started to adopt HTTPS most people figured the power of that particular signal was declining. I’ve read a couple of security researchers’ blogs that have called the claim a marketing ploy.
Not the case. Nowadays it’s a tiebreaker. And apparently it still factors in pretty heavily. Yesterday on Twitter Google’s Illyes responded to a question about the HTTPS ranking signal and how often it comes up as a tiebreaker.
But that’s just HTTPS, your SSL certificate – or more specifically its validity – also matters.
Your SSL/TLS Certificate Should Be Valid and Trusted, Too
So that we don’t get accused of misleading anyone, the validity of the SSL certificate doesn’t directly affect the HTTPS ranking:
…the ranking signal itself would be unaffected: you have https in the result, you get the (tiebreaker) boost
A broken cert will affect other things, though.
This is a new wrinkle. I’m not sure I’ve ever seen this confirmed anywhere else before, but it makes perfect sense. Google (and the other search engines, even you, Bing) wants to provide its users with the best possible result. Having a broken SSL certificate endangers the user. That’s why the browsers issue certificate errors that advise their users to turn back.
Historically, the pain associated with a broken certificate came in the form of downtime, lost productivity, lost sales, the social impact it has on your brand. Add your company’s SEO rankings to the list of costs.
How Improving Your Cyber Security Posture Benefits Your Bottom Line
Being proactive about your cybersecurity posture now, may end up saving you a bunch of money later. Don’t find out the hard way.
As Barry Schawrtz, the Executive Editor of Search Engine Roundtable put it:
So there you have it – make sure you have HTTPS and make sure it is valid and working properly for ranking, not just for your user.
As always, feel free to leave any comments or questions below…
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018in Hashing Out Cyber Security
How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chromein Everything Encryption
Re-Hashed: How to Fix SSL Connection Errors on Android Phonesin Everything Encryption
Cloud Security: 5 Serious Emerging Cloud Computing Threats to Avoidin ssl certificates
This is what happens when your SSL certificate expiresin Everything Encryption
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Messagein Hashing Out Cyber Security
Report it Right: AMCA got hacked – Not Quest and LabCorpin Hashing Out Cyber Security
Re-Hashed: How to clear HSTS settings in Chrome and Firefoxin Everything Encryption
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithmsin Everything Encryption
The Difference Between Root Certificates and Intermediate Certificatesin Everything Encryption
The difference between Encryption, Hashing and Saltingin Everything Encryption
Re-Hashed: How To Disable Firefox Insecure Password Warningsin Hashing Out Cyber Security
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settingsin Everything Encryption
The Ultimate Hacker Movies List for December 2020in Hashing Out Cyber Security Monthly Digest
Anatomy of a Scam: Work from home for Amazonin Hashing Out Cyber Security
The Top 9 Cyber Security Threats That Will Ruin Your Dayin Hashing Out Cyber Security
How strong is 256-bit Encryption?in Everything Encryption
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3in Everything Encryption
How to View SSL Certificate Details in Chrome 56in Industry Lowdown
PayPal Phishing Certificates Far More Prevalent Than Previously Thoughtin Industry Lowdown