Last Updated on January 17, 2020 by Christopher G Mendla
Are you sure that your WordPress site is set to force https? I was surprised to see Adsense warning me that my sites were not on https. I’ve had my four sites on https/ssl for over 2 years now. I did some simple tests and Adsense was correct My sites were NOT redirecting http to https. Fortunately there is a simple way to fix this.
The Problem
I thought I had properly implemented HTTPS. Everything seemed to indicated that the certificates were set up properly. When I worked with the site I always saw the happy little padlock which indicates that the site is using https.
For example, if I went to www.chrismendlatech.com, I would see the following in the address bar.
If I clicked on an article, that article would also show a padlock.
“https://chrismendlatech.com/2019/10/logitech-k480-bluetooth-keyboard/”
BUT, if I entered a link in the address bar with an http prefix such as
“http://www.chrismendlatech.com/2019/10/logitech-k480-bluetooth-keyboard/” I found that it did NOT force https. It showed an http version.
Clicking on the globe showed that the page was definitely rendered via http, not https.
Well, that was certainly not good for a number of reasons.
- Adsense might eventually ban http sites.
- Adsense might throttle ads to http sites.
- There could be a problem with any secure forms.
- Google and other search engines might apply a penalty for duplicate content
- You could get a search engine penalty for having a non https site.
In other words, this is not a good situation.
There are a number of ways people might access your site with an http link, especially for older posts:
- Another site linked to your site before you were using https. That would mean that their link would be http. Very few sites, if any, would go through their links to look for possible changes.
- People may have bookmarked your site before it was https.
- Some people might just be in the habit of typing http://site.com. That would probably be a very small population.
The solution to force https on WordPress Sites.
WARNING WARNING WARNING – Back up your site prior to implementing the redirection plugin or changing your .htaccess file.
Also thoroughly test your site after forcing https regardless of how you do it.
The solution turned out to be surprisingly simple in my case. I use the Redirection plugin on all of my sites. If you haven’t installed it, install it through your plugins page. Then go to the Redirection settings by “TOOLS – REDIRECTION” Look for the OPTIONS tab and click that
Scroll down until you see “FORCE HTTPS”. Check the box and save the configuration
Testing if http requests are forced to https.
Note that if you are using caching such as Cloudflare, you might not see the results immediately. Try going to http versions of links to various posts and pages on your site.
Monitor your traffic to make sure that you aren’t losing visitors or pageviews.
Summary
I was fortunate in looking at my Adsense dashboard and scrolling down to the HTTPS notice/suggestion. Allowing http requests would have a negative impact on traffic, SEO, user experience and earnings.