Thoughts, information and reflections about technology

Are you losing SEO because your WordPress Site is not set to force https?

Are you sure that your WordPress site is set to force https? I was surprised to see Adsense warning me that my sites were not on https. I’ve had my four sites on https/ssl for over 2 years now. I did some simple tests and Adsense was correct My sites were NOT redirecting http to https. Fortunately there is a simple way to fix this. 

 

The Problem

I thought I had properly implemented HTTPS. Everything seemed to indicated that the certificates were set up properly. When I worked with the site I always saw the happy little padlock which indicates that the site is using https.

For example, if I went to www.chrismendlatech.com, I would see the following in the address bar.

Secure site indicator
Secure site indicator

If I clicked on an article, that article would also show a padlock. 

“https://www.chrismendlatech.com/2019/10/logitech-k480-bluetooth-keyboard/”

WordPress article URL showing a secure site indicator
WordPress article URL showing a secure site indicator

BUT, if I entered a link in the address bar with an http prefix such as 
“http://www.chrismendlatech.com/2019/10/logitech-k480-bluetooth-keyboard/” I found that it did NOT force https. It showed an http version. 

 

WordPress article URL showing a NON  secure site indicator
WordPress article URL showing a NON secure site indicator

Clicking on the globe showed that the page was definitely rendered via http, not https. 

 

Non secure site warning in Chrome. This is why you should force https for your WordPress sites.
Non secure site warning in Chrome

Well, that was certainly not good for a number of reasons. 

  1. Adsense might eventually ban http sites.
  2. Adsense might throttle ads to http sites. 
  3. There could be a problem with any secure forms. 
  4. Google and other search engines might apply a penalty for duplicate content
  5. You could get a search engine penalty for having a non https site. 

In other words, this is not a good situation. 

There are a number of ways people might access your site with an http link, especially for older posts:

  • Another site linked to your site before you were using https. That would mean that their link would be http. Very few sites, if any, would go through their links to look for possible changes. 
  • People may have bookmarked your site before it was https. 
  • Some people might just be in the habit of typing http://site.com. That would probably be a very small population. 

The solution to force https on WordPress Sites.

WARNING WARNING WARNING – Back up your site prior to implementing the redirection plugin or changing your .htaccess file.

Also thoroughly test your site after forcing https regardless of how you do it.

The solution turned out to be surprisingly simple in my case. I use the Redirection plugin on all of my sites.  If you haven’t installed it, install it through your plugins page. Then go to the Redirection settings by “TOOLS – REDIRECTION”   Look for the OPTIONS tab and click that 

 

Redirection Plugin Options tab
Redirection Plugin Options tab

Scroll down until you see “FORCE HTTPS”. Check the box and save the configuration

Force https for WordPress option in the Redirection Plugin
Force https for WordPress option in the Redirection Plugin

Testing if http requests are forced to https.

Note that if you are using caching such as Cloudflare, you might not see the results immediately. Try going to http versions of links to various posts and pages on your site. 

Monitor your traffic to make sure that you aren’t losing visitors or pageviews. 

Summary

I was fortunate in looking at my Adsense dashboard and scrolling down to the HTTPS notice/suggestion. Allowing http requests would have a negative impact on traffic, SEO, user experience and earnings.

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact me
Archives
Categories
Recent Comments