Need Help? Talk to Our Experts
In 2014, Google called for “HTTPS everywhere.”
Fast forward 7 years. What has happened since then, and what does HTTPS mean for page experience? Find out why HTTPS is preferred over HTTP and how to check your URLs for HTTP status below.
In This Article:
HTTP protocol transfers data from a web server to a browser, thus allowing the user to view a given web page. This protocol was used for most early websites.
Regardless of the nature of your site’s content, keeping user data confidential and secure through HTTP encryption is a key component of protecting users (and in turn, the reputation of your site). The only problem with HTTP protocol is that the information transferred between server and browser is not encrypted. As a result, this data runs the risk of getting stolen by a hacker.
HTTPS, on the other hand, uses a variety of security layers to mitigate the risk of compromising information and is now a crucial aspect of page experience. HTTPS, or Hypertext Transfer Protocol Secure, encrypts text like credit card information or login credentials into random characters that can only be deciphered by the user or website.
HTTPS first used SSL (Secure Sockets Layer) protocol, which was then followed by Transport Layer Security (TLS) protocol in 1999. Transport Layer Security Protocol protects user data through the following three methods:
HTTPS protocol has a significant impact on page experience, so much so that it’s included in Google’s five signals of page experience:
Now that HTTPS protocol has been added as a page experience signal, this means that now more than ever, HTTPS has a substantial impact on the Google algorithm and on a website’s performance in SERPs.
In order to achieve “Good page experience” status in Google Search, a page must have HTTPS encryption.
Google will look at the ratio of HTTP URLs to HTTPS to determine this status. Should your website have too many HTTP URLs, the HTTPS section will appear as “Failing.” Additionally, you will be alerted with a warning banner on your site, so you won’t be kept guessing as to the status of your site.
To enable HTTPS on your site, you will need to acquire a security certificate from a trustworthy certificate authority (CA). Publicly trusted certificate authorities are regularly audited to ensure that they are a legitimate validation service and that their certificate issuance procedures are sound.
Currently, Google does not list the exact number of sites on your website that have HTTPS vs HTTP protocol (it can only show the ratio). If you’re looking to switch over your URLs to HTTPs, you can identify which URLs are HTTP vs HTTPS by either creating a domain property or a URL-prefix property.
A domain property includes all subdomains (m., www., blog., etc.) and protocols (http, https, ftp).
If you can’t add a domain property, you can also create a URL-prefix property for your HTTP address. A URL-prefix property only includes URLs with the specified prefix (including HTTP/HTTPS protocol).
If you’re concerned that the same page has both HTTP and HTTPS versions appearing in search, there’s an easy way to check. Simply examine the URL in question with Google’s URL Inspection Tool. The tool will provide insight into whether or not the URL is appearing in search (and why not).
If you discover that both the HTTP and HTTPS versions of a URL are indexed, be sure to implement a 301 redirect from the HTTP version to the HTTPS URL to avoid duplicate content and avoid negatively impacting your site’s SEO.
For more ways to improve your website’s health, check out these resources:
KEEP LEARNING SEO
Refund Policy|Terms & Condition|Blog|Sitemap