An SEO Guide to Migrating Website from HTTP to HTTPS

Last Updated: Dec 20, 2016 @ 5:21 pm


If you are wondering whether there is an SEO benefit of SSL migration i.e. moving your website from HTTP to HTTPS, then the answer is both yeas and no. Despite Google’s announcement last year that HTTPS encryption is an important factor in Google search engine ranking, there is no dramatic change in search position even if you do move your website from HTTP to HTTPS.

But there are more good reason than bad to switch your website to the secure version of web. Google as well as other major search engines are pushing hard to make web more secure. While offering secure surfing over Internet is one reason to switch to HTTPS there are other reasons as well as to why should be migrating your site – if you haven’t done so already – sooner than later.

An SEO Guide to Migrating Website from HTTP to HTTPS

Being secure is foremost reason and then there is the performance factor as well as SEO ranking. Secure sites also mean you get better referral data in Analytics. As an SEO or digital marketer this is one of the major benefits as the referral data from HTTPS site to HTTP site get lost and are recorded as direct traffic in the Google Analytics.

Many webmasters/SEOs haven’t yet moved to HTTPS mainly because of the confusion, some rumors or just for the heck of it. Who want to get out of their comfort zone? Right!

However with time, HTTPS could become a strong ranking signal in Google. And I am not saying this this was tweeted by none other that Matt Cutts himself:

Hopefully this simple guide on how to move your site from HTTP to HTTPS will change your perception regarding SSL migration. Migrating your site to SSL is not at all complicated if you take care of a few things.

So here’s how to move your site from HTTP to HTTPS

1. As an SEO, first and foremost thing to do when moving your site is to crawl it. The best tool for that is without a doubt Screaming Frog. This is both for comparison purpose as well as to check for redirect chains later.

2. Buy and install an SSL Certificate. Buying SSL today is very much affordable with Comodo Positive SSL certification costing only $14.85 for three years certification. You can purchase the same from SSL Shop. That’s less than 5 dollars an year. For installation detailed guide and tutorial is available on Comodo site for different servers. If you don’t have this technical knowledge just contact your developer or the server guy.

Follow these links for instructions on how to install SSL certificate for Apache, Nginx, Microsoft, WHM/cPanel.

3. Map all URL/hard coded internal links and replace them with HTTPS version link. Many CMS and developers use relative links which is the best practice. Like in a php site, instead of using href=”” it is always wiser to use <a href=”<?php echo C_ROOT_URL; ?>/page1.html”>

If such is the case you can breath easy but still you should search your database for hardcoded URLs and then find and replace with

4. Also check if your canonicals and links in template files have changed or not. Since most of the CMS use relative path it is taken care of but still you need to perform the check. Same with open graph and hreflang tags if you use them.

5. Make sure that all external scripts etc. points to HTTPS version

6. Now comes the redirection part from HTTP to HTTPS. It is a simple command in any web server. If you use Apache, which also happens to be the most widely used, you need to add just this 3 lines of code:

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}

Restart your server and then test if redirects are working properly or not.

7. Check if there are any absolute URLs in your robots.txt file. If there are update them

8. Update old redirects if any which you might have made using CMS or .htaccess

9. Recrawl your site using Screaming Frog

10. Update sitemap and submit both sitemaps (HTTP and HTTPS) to a new property in Google search console

11. Enable HSTS for added security and OCSP stapling that eliminates the need for the client to contact the certificate authority thereby making your site load faster for user. If you have payment gateway on your site, do check if it is working fine after enabling ICSP stapling. In some cases enabling interferes with functioning of the payment gateways.

12. Update your Disavow file – if any – in your new search console account. You sure don’t want to Penguin hit you all over again.

13. Come to think of it. You should create a new Google Search Console Account but for the sake of data retention, just change the http parameter in your Analytics account, Both in PROPERTY and in VIEW

14. Keep check of both Analytics and Search Console for a month at least. Your HTTP version page would be decreasing in Console whereas more will be indexed in HTTPS

15.  Do make sure that you crawl your site with Screaming Frog once in a week to identify 404s or redirect chains.

The tutorial about how you can do that will come next.

If you do follow these steps, I am sure you won’t face any problem. Also in the Google Search Console…previously Webmaster Tools, use the tool Fetch as Google inside Crawl and submit your site to both desktop and Mobile:Smartphone and then click on Request Indexing and then select Crawl this URL and its Direct Links. It will help your site get indexed fast.

Post Migration: Things to Keep in Mind after Moving your Site to HTTPS

It is essential that you check daily for crawl status and errors in Google Search Console. First 15 days are vital after that you can do it on alternate days or twice, thrice a week. Any dramatic increase in crawl error could be a sign that something went wrong when you did the migration.

Use Screaming Frog tool to crawl old URLs to ensure that 301 redirects are working properly at least twice a week.

In the search console, index status as well as sitemap will give you an indication of how Google is treating your website migration. Whereas the number of indexed pages will decrease in for your old site, the number will increase for your new site. Don’t worry even if your pages are not indexed for a few days in Google Index report. You will definitely notice number of pages being crawled and indexed increase within days in sitemap report.

Monitor traffic in both Analytics and Search Console. If there are any dramatic drop in volume it is a red flag. Rinse and repeat step 1, 2 and 3. Also check if sitemap is submitted correctly. Double check if you have submitted the disavow file to the new property if your site was penalized earlier.

Reach out to the webmasters/site owners and get your old link replaced with new in as many cases as you can.

Check ranking of your main keywords. Note their ranking fluctuations if any. Whereas a short term drop is nothing to worry about sharp drop in ranking for long period of time could mean something went wrong. Again check redirects, canonical URLs and sitemaps etc.

Do not remove 301 redirects even if all pages of the old domain are de-indexed. You never know which important backlink you might lose or for that matter valuable visitors who know your name but are using HTTP version or just brand name.

I will expand this post by adding some FAQs and closing thoughts soon. Let me know through comments if you need any troubleshooting or if you have any suggestions. I will also update on how to use Screaming Frog – which I think is vital to your site migration process from HTTP to HTTPS. Till then bear with me. Bouquet and brickbats are most welcome.

Also read recent Google’s guidelines on best practices on http to https migration from SEO point of view.

(Visited 109 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *