HTTPS in organic results, no SSL - Google Search and SEO forum at WebmasterWorld - WebmasterWorld

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

HTTPS in organic results, no SSL

smallcompany

5:37 am on Jun 12, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

A few days ago, I have moved a website (local organization that I help) to another provider. Now I got questioned by people why it does not work, just to realize that Google would show it in organic results as HTTPS version.
The site has never been HTTPS nor had any sort of SSL certificate installed.

Hm... cough, cough.

I could only think that the previous provider served both versions, for whatever reason. I thought that the website could not be HTTPS if the certificate is not installed.

The interesting part is that there is another website, same organization, served as HTTP (as it should be), and both websites went through the same procedure of a movement to a new webhost.

One difference at the moment though... I'm switching the domain name provider as well, the site that has trouble with HTTPS is currently being transferred. The "ok" one is done with the transfer.

But... organic results... even though Google reflects some stuff very quickly, I don't think domain registrar change could affect it this fast, even if that is theoretically possible.

Anyway, I would appreciate your input about where to start. BTW, websites have never been submitted to WMT as https.

Thank you

Peter_S

1:16 pm on Jun 12, 2017 (gmt 0)

Top Contributors Of The Month

Google tests if an HTTPS version of a site exists , and if does, it indexes this version.

So if your site listen on both HTTP and HTTPS ports, Google will use the HTTPS one. So it's possible your new host is set up to listen on both ports. It's also possible they include a generic, or self signed SSL certificate.

robzilla

9:17 pm on Jun 12, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

A registrar change won't affect your rankings so long as you keep the nameservers intact.

If a site's SSL certificate is invalid, you should see notifications of that in the Search Console.

smallcompany

9:36 pm on Jun 12, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Thanks.

I'm still puzzled. When I do a site query (site:example.com), both some pages come up as https, and other as www.

I just went back and logged into the old cpanel (shared hosting), and there was nothing there that would point to any sort of SSL.

Is it possible to look for a certificate of the website? I would like to see if that really exists(ed).

Thanks

P.S.
I find it challenging to get HTTPS requests go to HTTP since the site is on WordPress. Plain redirect via .htaccess does not work.

lucy24

11:09 pm on Jun 12, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Plain redirect via .htaccess does not work.

Well, we've got a WP subforum and an Apache subforum. Between the two of them, they'll get it figured out for you. (Crystal ball says you need to put the redirect immediately before the WP section of your htaccess. Try that first.)

smallcompany

2:34 am on Jun 14, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Thank you.

Interestingly, I just checked and it's showing "WWW" now, meaning HTTP. So I guess we're back to normal. :)

keyplyr

7:38 am on Jun 14, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Just a reminder, if you need a cert, you can get a free one at Lets Encrypt [letsencrypt.org]

topr8

1:31 pm on Jun 14, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

glad you got it sorted, just for reference

>>Plain redirect via .htaccess does not work.

if the apache config file is not set up to listen on port 443 for your website then none of your files would be called by the server, therefore no htaccess rules would be followed anyway as they aren't even being seen. [to put it simplistically!]

>>Just a reminder, if you need a cert ...

i concur with keyplyr, once you learn how to use Let's Encrypt, it is easy to set up certificates for all your domains and subdomains [and there are plenty of online tutorials explaining how to]