Google, SSL Search and referrer information

Posted October 20th, 2011 in Miscellaneous Postings

Google have announced that SSL search at www.google.com will now be the default for all users. This post looks at the before and after of what's stored in web server logs to show that you'll still be able to see if visitors came from Google, just not what the search query was.

A good thing or a bad thing?

From a user perspective this probably a good thing as it resolves some potential privacy issues. Someone commenting on a blog post I was reading pointed out that most people probably have no idea that webmasters can tell what search query they typed into Google to find your website, and would most likely be pissed off if they did know.

From a webmaster's point of view, it's not so good because you'll no longer be able see what keywords people used to land on particular pages of your website. If you use Google's Webmaster Tools you'll still be able to see the top 1000 daily search queries and top 1000 daily landing pages for the last 30 days, but not what search queries got visitors to what landing pages.

So what will you see in your logs now?

SSL search has been rolled out for www.google.com but not www.google.co.nz so I was able to do the same query via an SSL enabled version and a non-SSL enabled version.

The query I typed in was [chris hope lamp blog] and the results in the Apache log file were as follows. Note I've obscured my IP address, changing it to 00.00.00.00, and you'll  need to scroll right to see the whole thing.

www.google.co.nz - non SSL

00.00.00.00 - - [20/Oct/2011:09:42:23 +1300] "GET / HTTP/1.1" 200 12700 "http://www.google.co.nz/url?sa=t&source=web&cd=1&sqi=2&ved=0CBoQFjAA&url=http%3A%2F%2Fwww.electrictoolbox.com%2F&rct=j&q=chris%20hope%20lamp%20blog&ei=KzafTs_RLo-WmQWk9bSzDg&usg=AFQjCNEH3YJ4-Xpe8IVK_LqXHtg7ITP5ZQ" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.202 Safari/535.1"

www.google.com - SSL

00.00.00.00 - - [20/Oct/2011:09:45:27 +1300] "GET / HTTP/1.1" 200 12700 "http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CBkQFjAA&url=http%3A%2F%2Fwww.electrictoolbox.com%2F&ei=4zafTouSHO3SmAXV1-WyDg&usg=AFQjCNEH3YJ4-Xpe8IVK_LqXHtg7ITP5ZQ" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.202 Safari/535.1"

In the non-SSL version we can see the keywords are in there, along with some other tracking stuff but in the SSL version there are no keywords, just the tracking stuff.

In both cases, the referrer is from an http address so even though the search is served through SSL, the click through to the website is not. So it would appear to be Google choosing not to send the data, rather than it being SSL preventing the referrer information being sent.

The only good thing is that at least we as webmasters can still see where the visitors are coming from, if not the actual search term.

References and other useful blog posts

• Google's announcement at The Google Webmaster Central Blog
• Google moves to secure searches, alienates SEO jockeys at Ars Technica
• Outcry From SEOs As Google Hide Keyword Info at David Nayor's blog
• Google Whores Out Users With False Privacy Claims at SEO Book