SSL Google won’t be sending you queries

In a fairly unexpected report, Google have announced that SSL will be enabled for a number of users by default. Along with GMail, secured by default last year, and Twitter and Facebook providing secure versions as an option, Google will be introducing secure searches to users over the coming weeks.

Google have provided a secure search at https://encrypted.google.com/ for a while, more information on it is provided in their help, but it ensures that no third-party can see your searches.

It also means that webmasters will not receive the query that the user has searched for. This was done by parsing the referer* in the HTTP request. For example, url= was the url clicked on, the q= represented the query, and cd= as the position the link was in. An example script, in PHP, can be found on this site; but could apply on any landing page in any language.

This is a major blow to webmaster who use this data to analyse keywords; and it will break those sites that automatically generate content based on your search query. This was often used for analysis – but also for link farms and advertising sites for gathering keyword information and misleading users. This hopefully will reduce some of the link farms that use this technique; but some webmasters do use this to highlight search terms on the landing page.

So what does this mean? Webmasters will still know users came from Google, but not any of the information about the search. Users who encrypt their search will not be passing on their keyword terms via the HTTP header.

You can however, receive a list of the top 1,000 search queries through Google Webmaster Tools, and presumably will still continue to receive keyword and other information from Google Analytics.

The official announcement can be found on the Official Google Blog.

* referer is spelt here with one ‘R’ as defined in the HTTP spec.