Google has put more of its chips in on keeping the internet a safer place to browse. (This is important stuff for SEO professionals!)

They first began by encouraging site owners to transition to HTTPS/SSL since August 2014. In addition to touting secure sites as a best practice, Google has also said HTTPS-enabled sites will receive a minor ranking boost.

In the last few days, Google has announced that, given the option of identical HTTP and HTTPS pages, they will almost always choose to crawl and index the HTTPS version.

So, what’s with the recent push for HTTPS anyways?


Google’s overall rationale for encouraging HTTPS was twofold.

First, they want to ensure that all Google products – Gmail, Google Drive, and Search, for example – are safe places for users to store and share their private information.

Second, they are trying to promote a more secure internet at large. By incentivizing website owners to switch to HTTPS, they are “hoping to decrease the risk for users to browse a website over an insecure connection and making themselves vulnerable to content injection attacks.”

With the writing on the wall written this big, it’s time to move your site over to HTTPS. But, how? Never fear—BFO has a detailed checklist for you and your web team to follow as you make the transition. We’ve used this for seamless transitions on a number of major retail and technology websites.

Making the Switch to HTTPS/SSL

In transitioning a site from the HTTP protocol to the HTTPS encrypted protocol, there are a number of site changes that need to be made to ensure that the transition does not harm a site’s crawlability and organic search rankings.

Below, we’ve detailed six important changes that should be considered when making the HTTPS transition:


Your site will require a specific certificate to enable HTTPS/SSL data encryption. Google’s John Mueller said he doesn’t care what type of SSL certificate you have, so choose the option that best fits your site.

To test that your SSL certificate is in place, use the DigiCert SSL tool.


Technically, the transition to HTTPS has the ability to increase page load time. Google has gone on record saying that page load time is a factor in the organic search algorithm, as faster-loading sites offer a better user experience than slower sites.

Recent research has shown that the HTTPS transition only increases page load time by approximately 100ms. In all likelihood, page load time increases will not be a major issue. That said, we recommend that site speed is closely monitored during the transition process.

We recommend testing your page load time with and Pingdom.


When a site is transitioned to HTTPS, it is technically a brand new URL; even if all domain, sub-directory, and page names are the same, changing the protocol to HTTPS creates a new, unique URL. Anytime a new URL with identical content is created, measures need to be taken to mitigate any duplicate content risks.

With an HTTPS transition, it is recommend that a 1:1 301 redirect protocol be created to ensure that all HTTP pages are redirected to their appropriate HTTPS version. Additionally, make sure all of your canonical tags now point to the HTTPS version.

This will not only result in a seamless user experience, but it will also tell search engines where the new, appropriate version of the page can be found. Doing so will reduce the likelihood of any HTTP/HTTPS duplicate content issues.


When switching to HTTPS, webmasters need to ensure that the robots.txt and XML sitemap files reside under the same protocol.

For example, if you have switched to HTTPS on your site, correct URLs for the XML sitemap and robots.txt, respectively, would read as such:

Additionally, all URLs in the XML sitemap and robots.txt files should refer to the HTTPS version. Above all else, do not block your HTTPS site in your robots.txt! (Believe us – we’ve seen it happen.)

This should be a very high priority for your HTTPS transition, as these files are critical in ensuring the proper indexation of your site. If this situation is not handled properly, search engines may not index all of your site’s content.


In Google’s recent announcement about HTTPS indexation, they advised sites against having “insecure dependencies.” In other words, all links to web elements on the page should also use HTTPS. This includes images, videos, PDFs, JavaScript, CSS, GZip, and more.


As discussed in previous sections, HTTP and HTTPS versions of a site are treated as two different sites in the eyes of search engines. This applies to indexation, link pathways, file naming, and webmaster tool registration. Tools such as Google and Bing Webmaster Tools can offer tremendous insight into how these major engines ‘see’ your domain, especially on the more technical, indexation-related issues.

To ensure that you still have access to this important information, you will need to create a new profile and validate your new HTTPS site in the Google and/or Bing Webmaster Tools platform. There are a number of ways to do this for each platform; whichever way your webmaster decides to validate the site is fine—just ensure that it is done for the HTTPS version of the site.

Learn more here.

Stay Secure

Google has been pushing the importance of going HTTPS for the last few months. Between announcements of a small bump in organic rankings and a preference in crawling HTTPS over HTTP, the marching orders are clear. Making the HTTPS/SSL transition doesn’t have to be mysterious or difficult, though. Just consider the above details and you’ll have a much easier time making your site secure.

Have more questions about making the switch to HTTPS? Download our guide to Managing and Maximizing SEO Success below.

New Call-to-action

Also published on Medium.