Hacked: Hacking Finance

Google Will Begin Indexing HTTPS/Encrypted Pages by Default


Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.


ChronoPay Looks to Kickstart Bitcoin Adoption in Russia 29th May, 2017

Alleged FBI Hacker Lauri Love Ordered to US Extradition by UK Home Secretary 15th November, 2016


Google Will Begin Indexing HTTPS/Encrypted Pages by Default

Posted on .
This article was posted on Thursday, 20:47, UTC.

Google has announced today that it is adjusting its all-important indexing system to favor HTTPS pages over the HTTP versions of the same page. The tweak is more than certain to encourage web administrators and website runners to embrace HTTPS by default for their websites.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

Google figures among the companies that has long been a proponent for encryption and better user security.

In 2008, Google provided Gmail users the option to always use HTTPS. In 2010, Google followed up its earlier offering by switching over to HTTPS by default for Gmail along with its encrypted search offering that could be switched on by Google search users. 2011 saw Google enable forward secrecy, a secure protocol wherein the compromise of long-term communication keys does not compromise past session keys. Again, by default. Google also pledged to make its search function more secure in the same year.

Last year, Google blatantly put out a blog post to claim that the search giant was favoring HTTPS URLs by helping them with a ranking boost. An excerpt from the post read:

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

[We do this] because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.

HTTPS Indexing, by Default

In an announcement made today, Zineb Ait Bahajji, a member of Google’s Security and Indexing teams has revealed that Google’s webpage indexing system will be adjusted to look for more HTTPS pages. She added:

Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to, from any page.

In essence, when a HTTP URL and a HTTPS URL appear from the same domain with the same content, the HTTPS URL gets picked over the HTTP URL. This will occur when:

  • The URL does not contain insecure dependencies.
  • The URL is not blocked from crawling by robots.txt.
  • The URL does not redirect users to or through an insecure HTTP page.
  • The URL does not have a rel=”canonical” link to the HTTP page.
  • The URL does not contain a noindex robots meta tag.
  • The URL doesn’t have on-host outlinks to HTTP URLs.
  • The sitemaps of the website lists the HTTPS URL. Alternatively, if the HTTP version of the URL isn’t listed on the sitemaps.
  • The web server contains a valid TLS certificate.

Google also recommends website owners to start redirecting their HTTP site to the HTTPS versions of the website, as well as implementing the HSTS header on their servers.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?

Receive New Posts on Email:

Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

There are no comments.

View Comments (0) ...
Logging onto a terminal in 2015, it's easy to forget…