8月7日,谷歌宣布,为鼓励网站开发者在保护网页信息上付出更多努力,谷歌搜索引擎排名新算法会提升安装了SSL证书(又叫“https证书”)的网页的搜索权重。
这表示在谷歌搜索新算法下,经过“HTTPS”(超文本传输安全协议)处理的网页——为网页增加 SSL 安全证书——的权重会得到提升,而继续采用“HTTP”(超文本传输协议)的网页的权重会相对降低。
SSL(Secure Sockets Layer 安全套接层),及其继任者传输层安全(Transport Layer Security,TLS)是为网络通信提供安全及数据完整性的一种安全协议。TLS与SSL在传输层对网络连接进行加密。
SSL证书一般由 WoSign 等 CA 机构颁发,网站在安装 SSL 证书之后可以以“https”的方式访问网页。https 意味着这是一个安全连接。
目前在国内可以通过SSL数字证书申请网( buy.wosign.com )来申请免费测试 SSL 证书(又叫 https 证书)。
超文本传输安全协议是超文本传输协议和SSL/TLS的组合,两者的区别在于 https 提供加密通讯及对网络服务器身份的鉴定。
同时谷歌也在声明中表示,网页是否安装 SSL 证书经过加密处理只是谷歌搜索新算法在确定网页权重高低时参考的一个因素,与网页内容质量高低相比,网页是否经过加密处理对权重影响低。
谷歌称,这项更改只会影响全球不到1%的搜索请求。
英文参考:
Webmaster level: all
Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google.
Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure. For instance, we have created resources to help webmasters prevent and fix security breaches on their sites.
We want to go even further. At Google I/O a few months ago, we called for “HTTPS everywhere” on the web.
We’ve also seen more and more webmasters adopting HTTPS (also known as HTTP over TLS, or Transport Layer Security), on their website, which is encouraging.
For these reasons, over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We‘ve seen positive results, so we‘re starting to use HTTPS as a ranking signal. For now it‘s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
Lock
In the coming weeks, we’ll publish detailed best practices (we’ll add a link to it from here) to make TLS adoption easier, and to avoid common mistakes. Here are some basic tips to get started:
Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
Use 2048-bit key certificates
Use relative URLs for resources that reside on the same secure domain
Use protocol relative URLs for all other domains
Check out our Site move article for more guidelines on how to change your website’s address
Don’t block your HTTPS site from crawling using robots.txt
Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.
If your website is already serving on HTTPS, you can test its security level and configuration with the Qualys Lab tool. If you are concerned about TLS and your site’s performance, have a look at Is TLS fast yet?. And of course, if you have any questions or concerns, please feel free to post in our Webmaster Help Forums.
We hope to see more websites using HTTPS in the future. Let’s all make the web more secure!
Posted by Zineb Ait Bahajji and Gary Illyes, Webmaster Trends Analysts