Recently, Google announced the rollout of the HTTPS Report feature in the Google Search Console. Let’s get to know what is HTTPS report and how to check it in your Google Search Console account. Also, I will discuss the most common errors that cause URLs to not serve over HTTPS.
We all know how important an HTTPS protocol is for a website. It is a must practice for every webmaster to make sure the website and all its URLs are serving over HTTPS protocol. But, even after migrating the website from HTTP to HTTPS, we, sometimes, miss some URLs. And it is quite difficult to check all the URLs one by one, especially for a content-loaded website. To help webmasters get rid of this problem, Google launched the HTTPS Report.
How to Check HTTPS Report of Your Website in Google Search Console?
HTTPS Report is a new feature of Google Search Console that will help webmasters to know which indexed URLs of the website are serving over HTTPS and HTTP. And it will also tell all the errors why the URL is not served over HTTPS.
HTTPS Report will show you a graph of Non-HTTPS URLs and HTTPS URLs. And below this graph, you will also get to see all the errors.
To check the HTTPS Report of your website, Login to your Google Search Console account, choose your website property, scroll down the left menu to the Experience section, and click on the HTTPS option. Here, you will see the HTTPS Report of your website added to the Google Search Console.
Due to any reason, if you are not able to see the HTTP option in the Experience section, you can directly go to the HTTPS Report with this link. Make sure to log in to your Google Search Console account and choose the website property.
The Errors Behind Why URLs Are Not Serving Over HTTPS
For every non-HTTPS URL, the HTTPS report will show you reasons why pages are not serving over HTTPS. The report even indicates the exact issue or error with the pages that are not serving over HTTPS. Now, I will discuss some of the common errors that lead to HTTP URLs instead of HTTPS URLs.
1. HTTP Marked with Canonical Tag
This error occurs when you mistakenly mark the HTTP version of your URL with a canonical tag instead of marking the HTTPS version as canonical. When you have both versions (HTTP and HTTPS) of your URL indexed in Google, it’s important to mark the HTTPS version as canonical. This tag indicates to Google that this is the most appropriate version of the indexed URL and only the URL marked with a canonical tag should be crawled and indexed.
How To Fix?
There are two ways to fix this error. Either you can redirect the URL from HTTP to HTTPS or add the canonical tag with the HTTPS version of the URL. There are some methods to specify a canonical page explained by Google. See, if you have similar pages, then it is better to redirect them to the most appropriate versions of those pages.
2. Invalid SSL Certificate
SSL (Security Socket Layer) certificate is an important part of HTTPS. If any website has an SSL certificate, only then it will serve on an HTTPS certificate because the SSL certificate ensures Data encryption between the browser and web server.
Although maximum websites have the SSL certificate, sometimes they get an error. Because of this error in the SSL certificate, Google removes the HTTPS certificate from the website. There might be various reasons for an invalid SSL certificate error such as the certificate being expired, having an unauthorized certificate, etc.
How To Fix?
Almost all web hosting companies provide free SSL certificates with their hosting plans. So, if you are facing any type of error related to your SSL certificate, contact your hosting company. Either your web host will renew the expired certificate or install a new SSL certificate.
3. Sitemap Points To HTTP
If you have uploaded a Sitemap to Google Search Console in which many HTTP URLs are marked as canonical, then it could be the reason for HTTP URLs being indexed in Google.
How To Fix?
If you are facing this kind of error in your HTTPS report, you need to remove the canonical tag from HTTP URLs and apply it to HTTPS URLs, or you can just redirect the URLs from HTTP to HTTPS. Once done, generate a new sitemap and resubmit the sitemap to Google Search Console.
4. HTTPS to HTTP Redirection
Sometimes it also happens, an HTTPS URL is redirected mistakenly to its HTTP version. If any such redirection is working on any URL of your website, it will show as an error in the HTTPS report.
How To Fix?
To solve this issue, you have to remove the redirect. You can remove redirects on WordPress in two ways. If you have redirected using the plugin, then you can remove the redirects from that plugin.
The second way to remove the redirect is the .htaccess file. Actually, it’s the .htaccess file that handles the redirects. If any wrong redirect is working on your website, you can either remove it from the .htaccess file or overwrite the correct one.
But remember one thing, it is too risky to do edits in the .htaccess file. If you make a mistake, you can lose access to your website. So, it is better to contact your hosting provider to do it for you.
5. HTTPS URL Blocked in Robots.txt
In case you don’t know, Robots.txt is a type of text file that indicates Google to crawl or not crawl the page. Although this is a useful tool for webmasters, it can leave some negative results as well.
If by mistake any URL of the website is blocked in the robots.txt file, Google might deindex it. And if there are two versions (HTTPS and HTTP) of that URL available and the HTTPS version is blocked in robots.txt, it might index only the HTTP version of that URL. This might cause that HTTP URL to show in HTTPS report errors.
How To Fix?
Here, you have to make changes in your robots.txt file and remove the blocked URL from there. There are many methods for editing the robots.txt file. If you are using an SEO plugin like All in One SEO and Rank Math SEO, your task can be easier as they allow you to edit the robots.txt.
Otherwise, you can download the website’s robots.txt file through the FTP, remove the URL from there, and then upload the robots.txt file again. If you are not good at these things, you should get help from your web host to remove the blocked URL from the robots.txt file. Most web hosts get this task done in just a few seconds.
6. HTTPS Not Evaluated
A website has an HTTPS certificate, but because of some reasons, Google cannot evaluate it. User errors (4**), Server errors (5**), Google mistakenly recognizing HTTP URLs instead of HTTPS, countless errors on the website, side-wide errors, not crawled URLs, etc could be reasons for this.
How To Fix?
- To reduce user error, you should not delete more pages or posts, redirect broken links, use user error-killing plugins, etc.
- To resolve the server error, you should contact your hosting company.
- If Google recognizes the HTTP URL instead of HTTPS, then properly set HTTP to HTTPS redirect or add a canonical tag to your HTTPS page.
- To deal with site-wide errors, your website’s errors like No SSL Certificate, Post SSL Certificate, Mixed Content, etc. Identify and resolve them ASAP.
In the end, after resolving all these errors from your side, validate the fix on Google Search Console. So that Google can recheck these errors and put the HTTPS with URLs.
Google has rolled out this new HTTPS report after the announcement, which will continue for the next few months. It can be proved as one of the best tools for webmasters and a great addition to the Google Search Console.
Through the HTTPS report, webmasters will find errors related to the performance and security of their website, so that they will improve further.