Seoxpert.io
Get started
criticalSecurity

Pages Served Over HTTP (Not HTTPS)

Pages delivered over plain HTTP expose user data, reduce trust, and receive a Google ranking penalty.

By Seoxpert Editorial · Published

Why it matters

HTTPS encrypts data between browser and server. Google has used HTTPS as a ranking signal since 2014. Chrome marks HTTP pages as "Not Secure", visibly reducing trust.

Impact

HTTPS is a confirmed Google ranking signal. HTTP pages display browser security warnings that suppress conversions.

How it's detected

Scanner checks the protocol of every crawled URL. Any URL beginning with http:// is flagged.

Common causes

  • SSL certificate not installed or expired
  • Server not configured to redirect HTTP to HTTPS
  • Hardcoded HTTP links in content or templates

How to fix it

Install a valid TLS certificate. Configure your web server to redirect all HTTP traffic to HTTPS with 301 redirects. Update hardcoded HTTP URLs in templates and database content.

Code examples

Nginx HTTP→HTTPS redirect

server {
  listen 80;
  return 301 https://$host$request_uri;
}

FAQ

Does HTTP vs HTTPS affect rankings?

Yes. Google confirmed HTTPS as a ranking signal in 2014 and has progressively increased its weight.

Related Issues

HTTPS Pages Reference HTTP Resources (Mixed Content)

HTTPS pages that load resources (like images, scripts, or stylesheets) over HTTP create mixed content. This undermines security, can break page functionality, a

high
Missing Recommended Security Headers

Missing recommended HTTP security headers leaves your site vulnerable to a range of attacks, including clickjacking, MIME-sniffing, and cross-site scripting (XS

high

Found this issue on your site?

Run a scan to see if Pages Served Over HTTP (Not HTTPS) affects your pages.

Scan my website →