searchmetrics email facebook github gplus instagram linkedin phone rss twitter whatsapp youtube arrow-right chevron-up chevron-down chevron-left chevron-right clock close menu search
65446544
Marcus Tober
Marcus Tober 2015/03/03

HTTPS Encryption – What is the impact of TLS/SSL on Rankings?

Unwrapping the Secrets of SEO Time to read: 10 min

Searchmetrics Analysis: https vs httpWe have made a new analysis of HTTP vs. HTTPS and it seems as using a secure connection could be an advantage for webmasters in different perspectives – both from the point of SEO and to user-trust-signal it conveys. In August 2014, Google announced the secure connection to be an official ranking signal. Our recent analysis now shows positive effects for the first time: Websites without a secure connection could gain a few percentage points in SEO Visibility when migrating to HTTPS-protocol.

The unmistakable statement from Google concerning secure connection was a surprise and not only for me. It’s very rare they state an aspect to be an official ranking signal. In the beginning, Google takes the encryption as a lightweight signal, they said, which affects just around 1% of worldwide search queries. But in the future, they may change.

Google has been doing a lot of work to increase security in the web in the recent past. I don’t want to talk about the kind of reasons Google may also have despite their altruistic argument of web security. I prefer to draw conclusions from the data we analyzed.

Just after the announcement from Google, we already had a look at our data and analyzed whether there are any measurable effects between rankings, HTTP and HTTPS. But in August 2014 we had to deny the question if webmasters could gain a boost in SEO Visibility when migrating to HTTPS. The fluctuations in visibility couldn’t be considered as significant.

Background: What is TLS/SSL & HTTPS?

The common protocol that provides a secure connection when accessing a website is TLS (Transport Layer Security), the previous versions are also known as SSL (Secure Sockets Layer). It is important to understand that you don’t encrypt a website with TLS/SSL, but you encrypt the connection. A TLS/SSL certificate is used to correspond to a static domain via a session key that encrypts the data flowing between server and client.

In contrast, usual HTTP website traffic is unencrypted. Each server that your traffic flows through on the way to the website’s server can read that data. This is how analytics tools get the keyword query, for example, if a website you visit uses HTTPS, the data is encrypted, so in theory only you and the website you visit can see what you’re doing on that website.

There are several remarkable signs for an encrypted connection in the browser’s URL – „https“ instead of „http“, a green key and the green name of the company:

bank of america ssl

Encryption via HTTPS seems to contribute to SEO Visibility

For analyzing a correlation between encryption and visibility, we looked at the average rankings of HTTP and HTTPS – on a URL basis, directories respectively. Sometimes only certain domain areas can be encrypted and others may not. This analysis is based on URL-rankings for 30.000 keywords we observe continuously since August 2012.

SEO Visibility: HTTPS vs. HTTP-websites

HTTP vs. HTTPS: SEO Visibility
HTTP vs. HTTPS: SEO Visibility

Short explanation of the graphic: The black line represents the difference in standardized, average SEO Visibility of HTTPS- vs HTTP-websites; the shadowed area is the confidence interval of 99%. Since Google has announced the HTTPS to be a ranking signal in August 2014 (red vertical line), the black line tends to climb higher and higher. In other words: The advantage we measured regarding the coherence of SEO Visibility and HTTPS-encryption is now statistically significant.

HTTPS winners: Brands increased their SEO Visibility

Now, let’s take a closer look at domains with HTTPS in different branches. We want to pick out some examples – and their gain in SEO Visibility that might have achieved through encryption.

HTTPS-URLs: Increase of SEO Visibility through encryption

URL SEO Visibility 1/18/15 Increase in
visibility
apple.com/iphone/ 23436 5%
commonsensemedia.org/ 171524 2%
sciencenews.org/article/ 3777 2%
etsy.com/browse/vintage-category/ 3042 2%
spotify.com/ 23904 1%
bandcamp.com/ 221559 1%
microsoft.com/com/ 8535 1%

The apple.com-landing page for iPhone had a SEO Visibility of 23.436 on January, 18th. It can be said that 5% of visibility is probably due to encryption. Also, HTTPS-sites from brands like Spotify or Microsoft increased visibility. These numbers could give you an impression about the possible impact of encryption for SEO Visibility.

Possible influence of other factors

In summary, we can assume a positive correlation between encryption and SEO Visibility regarding our data. Our statistic experts reduced all other influences as far as possible, but we cannot exclude other influencing factors entirely. This is due to the high-complex algorithm of the search engines which includes hundreds of ranking signals, therefore you cannot distillate one factor in total.

As I already mentioned, a lot of brands with HTTPS-websites increased visibility. That’s why it has to be considered that not only encryption is responsible for visibility increase. Google tends to rank brands higher, especially after some updates in the recent past, for example the Brand/e-Commerce “Update”. We already analyzed the correlation between brands & rankings in our studies; for more information on this topic I would like to refer to our study “Ranking Factors 2014”.

The potential increase for not-encrypted websites

We also studied some examples of not-encrypted URLs and measured the possible increase in visibility by migrating to HTTPS. As a result, we can say that the potential is up to 5 percentage points.

HTTP-URLs: Possible increase of visibility by encryption

URL SEO Visibility 1/18/15 Possible increase
in visibility if HTTPS
store.sony.com/

46231

5%
cheapoair.com/

21646

5%
theguardian.com/

1162977

1%
allmusic.com/

625755

1%
food.com/

345654

1%
expedia-aarp.com/

6244

1%
ebay.com/

2602631

0,5%

Since the Google-announcement regarding HTTPS as a ranking signal, we can state that encrypted websites could gain in visibility, if they have already a bit of visibility. A growth of a few percentage points in visibility is possible, but not guaranteed.

While the implementation of TLS/SSL cannot guarantee an increase in visibility, the gain in user-trust is obvious. Because of the green name & key in the brower’s URL-bar, the encryption is a signal of trust for users. Possible effects of this trust-boost can be a decrease in bounce rate, whereas the conversion rate could rise. And the better the user signals, the more positive the effects in Google rankings.

Encryption is technically demanding

However, several webmasters reported a loss in rankings and traffic after migrating to HTTPS. This could be a reason for many to avoid the efforts of encrypting their own web project.

It has to be noticed that implementing HTTPS is associated with a lot of work – as an example, just take the clean redirection of every URL. That’s why Google announced to give webmasters sufficient time for migrating their site to a secure connection.

Conclusion: Secure connection should be considered

  • In August 2014, Google announced that HTTPS-encryption would be a ranking signal for websites. At first, it was declared as lightweight signal, but Google also said, in future times they “may decide to strengthen it”. Official reason is the web security.
  • Now we noticed a statistically significant difference in SEO Visibility between HTTPS- and HTTP-websites.
  • The bigger & more visible the web project, the more likely there will be an increase in SEO Visibility by a few percentage points having secure connections. The positive effect isn’t guaranteed.
  • A migration to HTTPS-encryption could be relevant especially for transactional branches and / or brands. Despite a possible increase of SEO Visibility, it is a signal of user trust – and therefore for search engines as well. The green HTTPS-elements in the browser’s URL-bar can increase trust & conversion rates and decrease bounce rates.
  • After migration, some webmasters reported a decrease in rankings and traffic. The implementation is technically demanding and should be done with care. This is why Google gave webmasters time for migrating to a secure protocol.
Tagged:

Related articles

Marcus Tober

Marcus Tober

My name is Marcus Tober and I’m the founder of Searchmetrics. Because we really love to analyze all kinds of online data, we can give you more insights than any other company in SEO, SEM and Social Media. It’s not a job, it’s passion.

35 thoughts on “HTTPS Encryption – What is the impact of TLS/SSL on Rankings?

  • Tom 2015/03/03 at 9:12 pm

    Did u do some research of the sitespeed issue with ssl?

  • Nick Wilsdon 2015/03/04 at 5:58 pm

    Interesting research Marcus. I can definitely see HTTPs being the standard within 18 months, especially with initiatives such as Let’s Encrypt launching mid-2015 (free SSL certificates backed by consortium including Mozilla and Cisco).

    Google will definitely reward HTTPs, it’s an obvious carrot to push webmasters towards the encrypted web however my only concern is the potential downside on site-speed, as we know that is also a ranking factor but more importantly a factor in bounce-rate and conversion. Each third-party element is dependant on the speed of that SSL handshake, with average performance across CA’s varying significantly. I included a chart on average OCSP response time by CA in this post – http://nickwilsdon.com/free-ssl-certificates-will-change-internet/

    So in short – how do you feel about the positive impact of HTTPs against the potential negative impact of reduced site performance? Maybe it’s still to early to make a call on the overall benefit of HTTPs?

  • summon agus 2015/03/05 at 11:15 am

    how i can analys that isuess as matrix?

  • Sonia Pitt 2015/03/10 at 5:25 pm

    I have read many a blog posts where webmasters are claiming that they have lost a significant amount of organic traffics after they migrated their sites to https, even they said that they followed each and every details like 301, canonical etc after doing the change.

    I believe currently https has very less impacts on overall organic traffic increase but a slow site can have a very negative impact on site’s ranking, user experience and conversions. So it will be better to see how Google use this security signal on their algorithm and ranking.

  • Kimberly Esparza 2015/03/22 at 6:21 am

    Of course, this increase in visibility will be negated when all websites change over to https since google is spearheading an initiative to provide free ssl certificates to webmasters.

  • Oziti 2015/03/31 at 5:08 am

    This is a great article but there are a plenty of things that you can invest into before migrating to the secure protocol. https is important but as you’ve said, it’s not a heavyweight factor at the moment. I have also seen the ‘cheap’ certificates that are not recognized / trusted by the browsers. Such certificates can mean a loss of business instead of a gain in traffic.

  • Andy Kuiper 2015/04/15 at 7:19 pm

    free ssl certs from google? I’m on a wait and see mission re this 🙂

  • Hans Ophuels 2015/04/15 at 9:34 pm

    I dont’t think that public content has to be delivered by https. Why ?
    Their is an other aspect which is not mentioned. HTTPS needs more processor power on both sides the server and the client to encrypt and decrypt the data. It would be interesting how much electrical energy is spend for this. And in the age of avoiding useless power consumation, we schould take care about this.

  • PS Web Design 2015/04/16 at 8:59 am

    Wow really interesting article Marcus it’s great to be able to be able to see some figures emerging from this.

    As we’ve seen Google are trying to make a big attempt to crack down on malware and spam issues with sites – the fact that they are going to now notify webmasters of issues in Google Analytics as well as Webmaster Tools suggests this. So it comes as no surprise that Google will reward website with HTTPS.

    Nick raises an interesting point about the site load speed and how potentially this could slow down website load speeds. However, I think one of the most important factors that we might be slightly overlooking here is that we are focusing on the direct effect on the website and not on the user. What I mean by this is that even if this does slow down the site speed, a user might be more inclined to wait for the page to load if they recognise this as a sign that the website is doing everything it can to keep the visitors best interests at heart. And with more and more sites being launched on a daily basis especially e-commerce stores, it will only be a matter of time before these minor subtleties become a major influence in the consumer buying cycle.

  • John 2015/04/20 at 10:51 pm

    I wonder the great fuss around mobile algo and last year’s https mania do really matter amid serp hijackings and prolonged panda and/or algo updates. Many webmasters look forward to results and they do not come easy these days with negative seo, spam and serp hijacking. Https may be meant for trust (of visitors) but I see a lot of websites going https though they should not as they do not take visitors data in any form. They just put faith into what google suggests.

  • Nadine 2015/09/22 at 12:56 am

    I am wondering if we need to switch to SSL or HTTPS (if they are the same exact thing?) for our company page. Some people say (like this article) that HTTPS will be more liked by Google for ranking, however, if SSL slows down the site, then Google wouldn’t like it anyways. We have a WordPress site, no online store but looking into adding the security for Google SEO rank factors if it helps.

    Question 1: Not sure if there is a difference between buying an SSL through our hosting company or making our WordPress site HTTPS via other “protocols” that bypass buying an SSL if that exists??

    Question 2: Can someone please tell me your thoughts on speed with making your site SSL (or https) versus having it be secure and Google liking it more which makes it rank higher? Which is more important? I would assume both but seems that you can’t have both since being secure will slow down your site?? So what do you do??

    THANK YOU!

  • Daniel 2015/09/24 at 10:07 am

    Hi Nadine, thanks for your question. Without knowing more about your site, I’m afraid, I can’t say much more than: it depends. Good to know that your are not an online store, because if so, or if any transfer of customer or sensitive data happens on your site, it would be a big argument to use a secure connection. Please keep in mind: Google said they consider https a light ranking signal. But, since there are several hundred factors woven into Google’s algorithm, there are many other. Furthermore, implementing HTTPS is associated with a lot of work and can cause some problems. So consider https: yes. But don’t make your number one priority if your site does not deal with sensitive data. The page speed aspect is another issue. When you add a service causing more processes to your site, it gets slower. And yes, you need to acquire a certifacte and make sure it is included in the trusted root certificates of many popular browsers. If not, it may cause warning messages shown to your users (which will make most of them leave probably).

  • apentium 2015/10/29 at 11:56 pm

    I was one of those waiting for feedback from community to see if the https is worth the trouble. For me speed and UX is more important as my sites do not require registration or payment that would require such a move. Still, I have seen many sites going for https and it seems that trust is getting more and more important. I saw lots of sites with malformed https showing the browser message about certificates – they all lost me as I did not take the trouble to go through those extra clicks. The future remains to be seen – my guess is that there will be sites that have no choice while others may stick to old less secure protocol. Thanks for sharing this – it proved to be useful to me.

  • Jerome 2015/11/27 at 12:31 am

    I do not really see any point for going https unless customer registration is a must. In that case it is the only way. I heard about websites that faced issues when sending in disavow files as thes did it for the non https version – lots of confusion about real urls to consider (OK – old urls are redirects, new ones can be handled) when auditing backlinks. Plenty of issues with canonical too – and how do you verify webmsater tools for all versions (to be able to communicate with google spam team)?

  • Geekcoder 2015/12/10 at 7:24 pm

    I added an ssl to my website then links some desapeared from results 🙁 and they are not replaced by the https links, maybe thant will change, I hope it.

  • data analytics 2015/12/12 at 8:18 am

    What’s up, every time i used to check web site posts here early in the break of day,
    since i love to gain knowledge of more and more.

  • รับสอนพิเศษ 2015/12/24 at 3:22 pm

    If some one wishes to be updated with newest technologies then he must be go to see
    this site and be up to date everyday.

  • Refugio Kalkbrenner 2016/01/12 at 11:07 pm

    Thanks for the Information. I found your Website on another blog today. This is a good Website. i think i will come back again. Thanks again

  • HikingMike 2016/01/19 at 12:12 am

    I’d be really interested to see an update in the stats for this, now that almost another year has passed. The graph would have much more meaningful information I think. The one above could be somewhat natural fluctuation. But if it shows it continuing upward for another 9 months, then that is definitely something and maybe Google has increased the influence of that ranking signal.

    I’m glad you did the update in the first place, very helpful. I hope the change works out for us. Now another update would be even better.

  • February 2016 Blank Calendar 2016/01/25 at 8:05 am

    What’s up to every body, it’s my first pay a visit of this blog; this
    blog consists of amazing and actually good stuff in favor of readers.

  • February 2016 Blank Calendar 2016/01/27 at 8:39 am

    Superb post however , I was wondering if you could write a litte more on this topic?
    I’d be very thankful if you could elaborate a little bit more.
    Bless you!

  • February 2016 Printable Calendar 2016/01/28 at 10:41 am

    Hi, I think your site might be having browser compatibility issues.
    When I look at your blog in Safari, it looks fine but
    when opening in Internet Explorer, it has some overlapping.
    I just wanted to give you a quick heads up! Other then that, excellent blog!

  • February 2016 Blank Calendar 2016/01/28 at 10:46 am

    Nice response in return of this matter with real
    arguments and explaining all on the topic of that.

  • Lydia 2016/02/07 at 4:38 am

    Wow! In the end I got a website from where I can genuinely obtain valuable
    data regarding my study and knowledge.

  • Judi 2016/02/17 at 5:48 pm

    There’s definately a lot to find out about this
    issue. I really like all of the points you
    have made.

  • Jackie 2016/03/18 at 11:33 pm

    As a matter of fact it seems that may websites are still without ssl and https which means that not everyone is jumping to google’s advice. So is the case with mobile seo so far – lots of sites out there that don’t give a damn to mobile users who are from FaceBook anyway – a useless bunch.

  • Dorris 2016/03/28 at 3:07 pm

    That is a very good tip especially to those fresh to the blogosphere.
    Short but very accurate information… Thank you for sharing
    this one. A must read article!

Write a Comment

Note: If you enter something other than a name here (such as a keyword), or if your entry seems to have been made for commercial or advertising purposes, we reserve the right to delete or edit your comment. So please only post genuine comments here!

Also, please note that, with the submission of your comment, you allow your data to be stored by blog.searchmetrics.com/us/. To enable comments to be reviewed and to prevent abuse, this website stores the name, email address, comment text, and the IP address and timestamp of your comment. The comments can be deleted at any time. Detailed information can be found in our privacy statement.