Migration from HTTP (non-secured) version of the website to HTTPS (secured) version
August 29, 2014
It is expected that the readers of this document have already implemented HTTPS on their websites through installation of a private (dedicated) SSL certificate
Step 0 – please do a before and after speed check to see if SSL implementation affects page load in any way. If it does, then this will need to be addressed. [this topic is outside the scope of this post]
Step 1 – Check Implementation of HTTPS
If it is a small website, run Xenu or other website crawling tool on the website to ensure HTTPS is implemented throughout the website and not just few urls or few sections.
Mixed URLS (HTTP / HTTPS) in interlinking of the website is not beneficial for SEO as even if HTTP versions are 301 redirected to HTTPS version then also, it would lead to too many redirections on the server, which will result into waste of crawler bandwidth of search engines.
If you are working on an extremely large voluminous website with thousands of pages, such as an e-commerce website, instead of checking whole website, restrict your analysis to home page, categories, sub-categories, sub-sub categories and so on.
Generally, if one url at a certain level (category, sub-category, product etc.) from is using HTTPS accurately, we can safely assume that the other urls at that particular level would be using HTTPS correctly.
Also, make sure HTTPS is working fine for Robots.txt and Sitemap URLs and gzipped Sitemap URLs
Step 2 – 301 Redirect HTTP URLs to HTTPS URLs
Once, you are sure that whole website is using HTTPS, redirect 301 all HTTP URLs to their respective HTTPS versions.
This can be implemented by either writing redirect rule in HT ACCESS for Linux based web hosting servers
For Windows Hosting Servers, you can refer to
Also, update previously added redirection rules on the website with HTTPS version of URLS
Step 3. – Use of Canonical Tags
If for some reason 301 redirections cannot be setup due to server issue etc. then, add canonical tags to HTTP version of the website, which would point towards their respective HTTPS version of URLs.
Also, update any previously updated canonical tags on the website with HTTPS version of URLs
Step 4 – Ensure correct Webmaster Tools settings
Add HTTPS version of Website in Google Webmaster Tool (with both www and non-www urls ) and verify them using any of the several verification methods available within Google Webmaster Tool.
Reconfigure the following settings again for the newly added HTTPS version of the website. These settings are:
1) URL Parameters
2) Geo Targeting – Set Target Country again (not applicable to ccTLD websites)
3) Upload disavow file again (if any) for HTTPS version of website
4) Set preferred domain for HTTPS version of website
5) Crawl Rate (if modified for HTTP version of the website)
Step 5 – Robots.txt Check
1) Ensure that robots.txt is accessible via HTTPS for e.g. https://www.example.com/robots.txt
2) Update blocked URLs (if any) in robots.txt with HTTPS
3) Update Sitemap / Sitemap Index directive with HTTPS version of their paths
Step 6 – Sitemap Check
1) Ensure existing sitemap(s) or sitemap(s) index files are accessible via HTTPS protocol for e.g. https://www.xyz.com/sitemap.xml
2) Update all existing HTTP URLs in the sitemap with their respective HTTPS version