It’s no secret that Google, and other search engines for that matter, prefer to protect their users by favoring a secure web browsing experience. Last year, Google announced that they would give a slight ranking boost to HTTPS URLs in search results. As of today, they’ve made another step towards more security by adjusting their indexing system to look for more HTTPS pages.
“As a natural continuation of this, today we’d like to announce that we’re adjusting our indexing system to look for more HTTPS pages. Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page. When two URLs from the same domain appear to have the same content but are served over different protocol schemes, we’ll typically choose to index the HTTPS URL”
Several conditions were listed for instances when HTTPS would be chosen over HTTP, though sometimes these can get confusing. To make it easier for you, I’ve compiled a short checklist for reviewing your clients’ sites and planning for a more secure web experience, and hopefully better rankings. *Fingers crossed*
- Check redirects from HTTP to HTTPS
- Does every page redirect? Is it just the homepage or current navigation?
- Are they 301s?
- Check internal links
- Do internal links point to HTTP or HTTPS?
- If proper redirects are in place this isn’t an immediate need, but eventually switching the internal links to HTTPS will reduce chance of errors with redirect chains
- Canonicals, Alternates and Open Graph should all use HTTPS URLs as well
- Check that Webmaster Tools for HTTPS versions
- If you’re only tracking the HTTP version, add the secure version as well
- Check XML sitemaps
- are HTTP or HTTPS URLs used in sitemaps? If HTTP, make sure the sitemaps are updated to include the HTTPS version instead
- Check Robots.txt files
- Ensure that HTTPS URLs aren’t blocked for any reason