This also makes sense as there have definitely been instances where sites switch to HTTPS, but don’t implement correct redirects, so Google could still serve the older grandfathered HTTP URLs. While Google is still recommending redirecting HTTP URLs to HTTPS ones, this change will mean that once Google discovers the secure pages, it will use those over the non-secure ones in certain circumstances.
When there are two seemingly identical pages found by Google, one HTTPS and one HTTP, Google will now typically show the HTTPS URLs in these circumstances:
- It doesn’t contain insecure dependencies.
- It isn’t blocked from crawling by robots.txt.
- It doesn’t redirect users to or through an insecure HTTP page.
- It doesn’t have a rel=”canonical” link to the HTTP page.
- It doesn’t contain a noindex robots meta tag.
- It doesn’t have on-host outlinks to HTTP URLs.
- The sitemaps lists the HTTPS URL, or doesn’t list the HTTP version of the URL
- The server has a valid TLS certificate.
The addition of the insecure dependencies is a significant one, as this is often where websites run into problems, usually by displaying non-secure elements such as advertising or some social media share buttons, often without realizing it is an issue.
Google has really been pushing for secure sites over the past couple of years, particularly with their ranking boost for HTTPS, something they plan to make stronger in the future. So it isn’t surprising to see Google make these changes to prioritize HTTPS, especially for those webmasters who might not make the switch to HTTPS as seamless as possible.
Latest posts by Jennifer Slegg (see all)
- Google AdWords Truncating Headlines for Some Ads - July 22, 2016
- Google: How to Temporarily Remove Pages Varies by Length - July 22, 2016
- Google Flights Testing Thumbnail Ads in Search - July 20, 2016
- Google Voice Searches 30 Times More Likely to be Action Queries - July 19, 2016
- Google Looking for Sites to Review for Next Site Clinic - July 18, 2016