Making your site more secure is a really good idea for you and your users, so it’s a really good idea to get an SSL certificate anyways. However, not using HTTPS is also causing your website to lose positions in search results. Switching to HTTPS URLs is a relatively simple and straightforward SEO hack to use on your site.
Even if you’ve recently purchased an SSL certificate and migrated to an HTTPS URL, there’s still a chance you’ve got some gaps in security. Even if your domain is hosted on a secure URL, if the page has assets that aren’t Google won’t like that.
The first step is to crawl your website to find all of your URLs, both secure and not. You can use a traditional crawler, like Screaming Frog, that will compile a list of each URL and let you find all the non-HTTPS assets.
Or, use WooRank’s Site Crawl tool to find each instance of HTTPS pages hosting assets on HTTP URLs. These assets include:
- CSS files
After you’ve fixed your HTTPS pages with HTTP assets, you still have a few more things to check:
- Robots.txt: Since Google sees HTTP and HTTPS URLs as separate sites, using non-secure URLs in your robots.txt file means your robots.txt file won’t be as effective.
- Sitemap: Using non-HTTPS URLs in your sitemap could cause Google to crawl and index the unsecure URLs, which is the opposite of what you want.
- Canonical Tags: Using the wrong URL form for your canonical tag pretty much defeats the purpose of the canonical tag. Once you’ve updated your sitemap and robots.txt file, recrawl your website with Site Crawl. All your canonical tags without HTTPS URLs will show up in the Canonical section as canonical mismatches.