Google Index HTTPS Pages First, Before HTTP Pages When Possible
For those that doesn’t know yet, if your WordPress pages work on HTTPS, Google will likely show the HTTPS version over the HTTP version.
At Google, user security has always been a top priority. Over the years, they’ve worked hard to promote a more secure web and to provide a better browsing experience for users. Gmail, Google search, and YouTube have had secure connections for some time, and they also started giving a slight ranking boost to HTTPS URLs in search results since 2014. Browsing the web should be a private experience between the user and the website, and must not be subject to eavesdropping, man-in-the-middle attacks, or data modification. This is why they’ve been strongly promoting HTTPS everywhere.
As a natural continuation of this, they started adjusting their indexing system to look for more HTTPS pages in 2015. Specifically, they’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page. When two URLs from the same domain appear to have the same content but are served over different protocol schemes, they’ll typically choose to index the HTTPS URL if:
- It doesn’t contain insecure dependencies.
- It isn’t blocked from crawling by robots.txt.
- It doesn’t redirect users to or through an insecure HTTP page.
- It doesn’t have a rel=”canonical” link to the HTTP page.
- It doesn’t contain a noindex robots meta tag.
- It doesn’t have on-host outlinks to HTTP URLs.
- The sitemaps lists the HTTPS URL, or doesn’t list the HTTP version of the URL
- The server has a valid TLS certificate.
Although their systems prefer the HTTPS version by default, you can also make this clearer for other search engines by redirecting your HTTP site to your HTTPS version and by implementing the HSTS header on your server.