phranque - 9:26 am on Jun 28, 2013 (gmt 0)
''There are at least two reasons search engines may penalise https URLs: (a) they may consider it more likely to be a private URL and/or a misconfiguration by a hapless webmaster just asking to be taken down a notch; (b) if it's a migration from http to https, http forwarding is necessary and there might be a duplicate link penalty.''
the quoted statement is basically useless speculation and the author follows it up with this statement:
Whether (a), (b), neither, or both apply to Google or any other search engine is hard to say, because secrecy. It's a risk of unknown unknowns.
however, his post does get this relatively authoritative answer.
- John Mueller
HTTPS-only sites are fine, there's absolutely no need to shy away from that if you implement it properly. There's certainly no penalty involved with running your site on HTTPS-only when done right. A few of the things that come to mind are (definitely incomplete, just from the top of my head):
- don't forget the http->https redirect & other canonicalization things
- look into HSTS
- list the https site separately in webmaster tools (it's a different site)
- make sure the infrastructure can handle the higher load (SSL, caching, etc)
- check out the differences wrt. caching