Page Experience Update: HTTPS

In 2014, Google called for “HTTPS everywhere.”

Fast forward 7 years. What has happened since then, and what does HTTPS mean for page experience? Find out why HTTPS is preferred over HTTP and how to check your URLs for HTTP status below.

In This Article:


HTTP protocol transfers data from a web server to a browser, thus allowing the user to view a given web page. This protocol was used for most early websites. 

Regardless of the nature of your site’s content, keeping user data confidential and secure through HTTP encryption is a key component of protecting users (and in turn, the reputation of your site). The only problem with HTTP protocol is that the information transferred between server and browser is not encrypted. As a result, this data runs the risk of getting stolen by a hacker. 

HTTPS, on the other hand, uses a variety of security layers to mitigate the risk of compromising information and is now a crucial aspect of page experience. HTTPS, or Hypertext Transfer Protocol Secure, encrypts text like credit card information or login credentials into random characters that can only be deciphered by the user or website. 

How HTTPS Protects Data

HTTPS first used SSL (Secure Sockets Layer) protocol, which was then followed by Transport Layer Security (TLS) protocol in 1999. Transport Layer Security Protocol protects user data through the following three methods: 

  1. Encryption creates an encrypted connection between the server and browser, allowing for information to be transferred safely. Any data exchanged through online activity (such as queries, cookies, and website content) is kept private. Keep in mind, however, that information like IP addresses, session duration, and domain names can still be accessed. 
  2. Authentication prevents man-in-the-middle attacks, a type of cyberattack in which a hacker intercepts communication between two parties. The attacker may relay or even alter communication between both parties.
  3. Data integrity detects any instances in which data is altered or manipulated.

HTTP vs HTTPS Performance Difference 

HTTPS protocol has a significant impact on page experience, so much so that it’s included in Google’s five signals of page experience

  1. Core Web Vitals
  2. Mobile-Friendliness
  3. Safe Browsing
  4. HTTPS
  5. Intrusive Interstitials Guidelines

Now that HTTPS protocol has been added as a page experience signal, this means that now more than ever, HTTPS has a substantial impact on the Google algorithm and on a website’s performance in SERPs.  

In order to achieve “Good page experience” status in Google Search, a page must have HTTPS encryption.

Google will look at the ratio of HTTP URLs to HTTPS to determine this status. Should your website have too many HTTP URLs, the HTTPS section will appear as “Failing.” Additionally, you will be alerted with a warning banner on your site, so you won’t be kept guessing as to the status of your site. 

How to Enable HTTPS 

To enable HTTPS on your site, you will need to acquire a security certificate from a trustworthy certificate authority (CA). Publicly trusted certificate authorities are regularly audited to ensure that they are a legitimate validation service and that their certificate issuance procedures are sound. 

Currently, Google does not list the exact number of sites on your website that have HTTPS vs HTTP protocol (it can only show the ratio). If you’re looking to switch over your URLs to HTTPs, you can identify which URLs are HTTP vs HTTPS by either creating a domain property or a URL-prefix property

Create a Domain Property 

A domain property includes all subdomains (m., www., blog., etc.) and protocols (http, https, ftp). 

  1. Create a Domain Property. 
  2. Open the Performance Report for Search in Google Search Console. 
  3. Filter URLs starting with “http://”. 
  4. This will generate the first 1,000 HTTP URLs that appear on Google. 

Create a URL-Prefix Property

If you can’t add a domain property, you can also create a URL-prefix property for your HTTP address. A URL-prefix property only includes URLs with the specified prefix (including HTTP/HTTPS protocol). 

  1. Create a URL-prefix property for your HTTP address.
  2. Open the Performance Report for Search. 
  3. View the first 1,000 HTTP URLs that appear in Google Search Results. 

Inspect HTTPS URLs

If you’re concerned that the same page has both HTTP and HTTPS versions appearing in search, there’s an easy way to check. Simply examine the URL in question with Google’s URL Inspection Tool. The tool will provide insight into whether or not the URL is appearing in search (and why not). 

If you discover that both the HTTP and HTTPS versions of a URL are indexed, be sure to implement a 301 redirect from the HTTP version to the HTTPS URL to avoid duplicate content and avoid negatively impacting your site’s SEO.

For more ways to improve your website’s health, check out these resources: 


Sign up for our newsletter for more SEO and Page Experience posts like this delivered straight to your inbox! 


We love helping marketers like you.

Sign up for our newsletter to receive updates and more: