This also makes sense as there have definitely been instances where sites switch to HTTPS, but don’t implement correct redirects, so Google could still serve the older grandfathered HTTP URLs. While Google is still recommending redirecting HTTP URLs to HTTPS ones, this change will mean that once Google discovers the secure pages, it will use those over the non-secure ones in certain circumstances.
When there are two seemingly identical pages found by Google, one HTTPS and one HTTP, Google will now typically show the HTTPS URLs in these circumstances:
- It doesn’t contain insecure dependencies.
- It isn’t blocked from crawling by robots.txt.
- It doesn’t redirect users to or through an insecure HTTP page.
- It doesn’t have a rel=”canonical” link to the HTTP page.
- It doesn’t contain a noindex robots meta tag.
- It doesn’t have on-host outlinks to HTTP URLs.
- The sitemaps lists the HTTPS URL, or doesn’t list the HTTP version of the URL
- The server has a valid TLS certificate.
The addition of the insecure dependencies is a significant one, as this is often where websites run into problems, usually by displaying non-secure elements such as advertising or some social media share buttons, often without realizing it is an issue.
Google has really been pushing for secure sites over the past couple of years, particularly with their ranking boost for HTTPS, something they plan to make stronger in the future. So it isn’t surprising to see Google make these changes to prioritize HTTPS, especially for those webmasters who might not make the switch to HTTPS as seamless as possible.
Latest posts by Jennifer Slegg (see all)
- Google Slows Crawling With 5xx Server Errors - July 13, 2018
- Google: H Tags as a Ranking Factor - July 13, 2018
- Using Redirects Can Impact Google AdWords Quality Score - July 12, 2018
- Bing Testing Feature to Open Search Results in New Tab - July 12, 2018
- Google: Don’t Rely on Google Tag Manager for Structured Data - July 12, 2018