This also makes sense as there have definitely been instances where sites switch to HTTPS, but don’t implement correct redirects, so Google could still serve the older grandfathered HTTP URLs. While Google is still recommending redirecting HTTP URLs to HTTPS ones, this change will mean that once Google discovers the secure pages, it will use those over the non-secure ones in certain circumstances.
When there are two seemingly identical pages found by Google, one HTTPS and one HTTP, Google will now typically show the HTTPS URLs in these circumstances:
- It doesn’t contain insecure dependencies.
- It isn’t blocked from crawling by robots.txt.
- It doesn’t redirect users to or through an insecure HTTP page.
- It doesn’t have a rel=”canonical” link to the HTTP page.
- It doesn’t contain a noindex robots meta tag.
- It doesn’t have on-host outlinks to HTTP URLs.
- The sitemaps lists the HTTPS URL, or doesn’t list the HTTP version of the URL
- The server has a valid TLS certificate.
The addition of the insecure dependencies is a significant one, as this is often where websites run into problems, usually by displaying non-secure elements such as advertising or some social media share buttons, often without realizing it is an issue.
Google has really been pushing for secure sites over the past couple of years, particularly with their ranking boost for HTTPS, something they plan to make stronger in the future. So it isn’t surprising to see Google make these changes to prioritize HTTPS, especially for those webmasters who might not make the switch to HTTPS as seamless as possible.
Latest posts by Jennifer Slegg (see all)
- Google Quality Rater Guidelines: The Low Quality 2021 Update - October 19, 2021
- Rethinking Affiliate Sites With Google’s Product Review Update - April 23, 2021
- New Google Quality Rater Guidelines, Update Adds Emphasis on Needs Met - October 16, 2020
- Google Updates Experiment Statistics for Quality Raters - October 6, 2020
- Analyzing “How Google Search Works” Changes from Google - July 8, 2020