Google search rankings are a crucial metric for any business that wants to be seen online. Now, after a stream of security breaches over the past few years, the company is using that incredible influence it wields on the web to make it a bit safer for all, tying its search rankings to sites' use of HTTPS encryption.

According to a blog post from Google webmaster trends analysts Zineb Ait Bahajji and Gary Illyes, they've been been running trials over the past few months to test the use of secure, encrypted connections as a signal in search ranking algorithms, and Google is already rewarding sites that use HTTPS with a slightly higher ranking in searches. But while this is currently only a very lightweight signal, carrying less weight than other signals such as high-quality content, Google may decide to strengthen it over time.

Although the post notes websites will have time to switch to HTTPS, there was no indication of a timeline for the move. Notably, most ad servers still don't use HTTPS and even AdSense only uses it partially, which leaves publishers and other ad-supported business at a crossroads for the time being.

Google says in the coming weeks it will publish detailed best practices to make TLS adoption easier and avoid common mistakes. In the meantime, the company listed seven basic tips to get webmaster started:

  • Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
  • Use 2048-bit key certificates
  • Use relative URLs for resources that reside on the same secure domain
  • Use protocol relative URLs for all other domains
  • Check out our Site move article for more guidelines on how to change your website's address
  • Don't block your HTTPS site from crawling using robots.txt
  • Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag