June 19

What is HTTPS?

Last year we posted that Google was going to start giving a slight boost to sites served over HTTPS. Many people already jumped on the bandwagon and secured their website’s connections. But what exactly is HTTPS, and what does it mean for your website?

Encryption through TLS/SSL

TLS (Transport Layer Security) and SSL (Secure Socket Layer) are two protocols that enable a secure connection to your website. That means that, when a user visits your website, the connection between their computer and your website is secured. This helps prevent anybody else from intercepting the data that is sent by the customer to your website. For this reason, SSL has been the standard for any website that is collecting personal data, such as credit cards or social security numbers.

Wait, I thought we were talking about HTTPS?

HTTPS is simply the protocol that shows you are trying to load the website through a secure connection. The actual process of encrypting this data happens through the TLS or SSL certificate. You can try to visit any website through https by typing “https” in your address bar, but if they don’t have an SSL encrypting the data, you will either get an error or a warning page from your browser.


Peace of Mind for Users

In recent years, many companies have opted to secure their website’s connections with an SSL even though they are not collecting any personal data from their customers. Why? Customers are beginning to recognize the padlock on their browser as an indication that the website is “safe”. While this may or may not be true, customer’s peace of mind can be invaluable for building brand integrity. If customers ever feel unsafe or uncomfortable while using your website, they will often go back and find another site they feel more safe interacting with.


At this point, HTTPS is still a very lightweight signal that will award a boost to only about 1% of queries, but they have also indicated that this may increase in the future. There are a multitude of other signals that Google looks for that are opportunities for significant boosts other than HTTPS. And don’t fall into the trap to think having an SSL on your website means it is secure. Remember, the SSL only encrypts the connection between your website and the end user. Your website will still need to have its own security protocols in place.