Hi John, does the rating of the SSL certificate impact the ranking boost? For example does a A rating HTTPS SSL certificate give a bigger ranking boost than a B rating SSL certificate? Or as long as the SSL certificate is valid and comes from a good authority (green locker) there is no ranking boost difference on class A, A-, B, C certificates?
At Google, user security has always been a top priority. Over the years, we’ve worked hard to promote a more secure web and to provide a better browsing experience for users. Gmail, Google search, and YouTube have had secure connections for some time, and we also started giving a slight ranking boost to HTTPS URLs in search results last year. Browsing the web should be a private experience between the user and the website, and must not be subject to eavesdropping, man-in-the-middle attacks, or data modification. This is why we’ve been strongly promoting HTTPS everywhere.
As a natural continuation of this, today we’d like to announce that we’re adjusting our indexing system to look for more HTTPS pages. Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page. When two URLs from the same domain appear to have the same content but are served over different protocol schemes, we’ll typically choose to index the HTTPS URL if:
- It doesn’t contain insecure dependencies.
- It isn’t blocked from crawling by robots.txt.
- It doesn’t redirect users to or through an insecure HTTP page.
- It doesn’t have a rel=”canonical” link to the HTTP page.
- It doesn’t contain a noindex robots meta tag.
- It doesn’t have on-host outlinks to HTTP URLs.
- The sitemaps lists the HTTPS URL, or doesn’t list the HTTP version of the URL
- The server has a valid TLS certificate.
Although our systems prefer the HTTPS version by default, you can also make this clearer for other search engines by redirecting your HTTP site to your HTTPS version and by implementing the HSTS header on your server.
We’re excited about taking another step forward in making the web more secure. By showing users HTTPS pages in our search results, we’re hoping to decrease the risk for users to browse a website over an insecure connection and making themselves vulnerable to content injection attacks. As usual, if you have any questions or comments, please let us know in the comments section below or in our webmaster help forums.
Sucuri has lunched an Website Performance Tool.
We extract three key metrics that are critical to the performance of any website: connection time, time to first byte (TTFB) and total load time:
- Connection time: It measures how long it takes for the TCP session to be established to your website. If you are a networking geek, it measures how long it takes for the 3-way handshake to be completed.
- Time To First Byte (TTFB): This is one of the most important numbers to pay attention to, as it tells you how long it takes for the first byte to be received by the browser. This metric is important because as soon as the browser receives the first few bytes, it can start to load the page and display content to the end user.
- Total Load Time: This shows how long it takes for the full page to be loaded.
To give us the visibility we need for these tests, we setup 13 globally distributed testing stations:
- 4 in USA (New York, Atlanta, Dallas and Los Angeles)
- 1 in Canada (Montreal)
- 4 in Europe (Germany, UK, France and Netherlands)
- 2 in Asia (Japan and Singapore)
- 1 in South America (Brazil)
- 1 in Australia