Ranking benefits might come at a later date.

Don't hold your breath

There are plenty of major organizations and other entities that still haven't switched their sites to https.

For example, I just noticed that imdb.com (Internet Movie Database) is still http. This is one of the highest-traffic sites on the web.

I suspect that the big changes in ranking may happen in tandem with the speed benefits resulting from http/2 implementation.

I still not recovered after going over to https 30% loss its been 3 months now.

It was a way to re-evaluate my pages and I think to be fair some should have lost rank but others should not have, I am just waiting now and improving but who knows! I am outranked by http now.

I am outranked by http now.

Maybe that http site has better, more-useful content than your https site.

I switched to HTTPS for our main information site (using CloudFlare Pro's "Flexible" scheme and "Always Use HTTPS" setting) a few days ago.

So far, so good. (CloudFlare's "Always Use HTTPS" feature is a lifesaver, in my opinion: Because it rewrites internal HTTP links to HTTPS, I can take my time in changing internal links that point to HTTP pages.)

65% loss here, since i switched to https 100 days ago
main keyword ranking dropped from #2 to #6

The most troubling aspect of my switch to HTTPS has been link loss.
When I began the switch, I had 30,000 links to my top page.
My links started disappearing. On one day, I went from 10,000 to 7,500 links for this page. Today, it is 5,100.
I was improperly redirecting to HTTPS, for 3 months (not redirecting). Now, Google has finally reindexed all my pages to HTTPS.
Do you suppose that any of those links will ever return?
Or were they deemed cr@p links for some other reason? Seems unlikely, since SO MANY disappeared, SO QUICKLY.
.

Sally I hate to say I told you so, but then again I did......

There is I believe a filter you go through when you 301 links to https, not all of the links make it through and this causes a drop in rankings. They encouraged everyone to go secure but omitted to tell people there links could then be filtered in the process.

I went back and read your post on page 1, and I must admit that seems like a very plausible explanation for my situation.

Is this right?
1. You gotta do it, because there will be even bigger issues if you don't, and
2. suffer the accompanying slings and arrows, including the loss of many valuable long-time authoritative links
3. Sooner will be better than later, now is best.

Anyone know how the HTTPS link filter works?
--- Must all credited links come from an HTTPS site? Is that it?

So, there is the"switch-to-https" penalty.
Old, long time links will become worthless, since most came from http sites.
In the future, more links will come from https sites, which will create a de facto "recent-link-authority" index.
.

I was improperly redirecting to HTTPS, for 3 months (not redirecting).

Of course inbound links will become worthless if you don't redirect. But that's not a filter... that's carelessness. It would happen with any url change that's not properly 301ed.

Not so much carelessness, as ignorance.
As far as programming, I am a lay person, not sophisticated.

My web host switched over to the "Plesk" system.
I was assured that the redirection was handled in the htaccess file, which I looked at, but had no understanding of.
MY sin was not checking the redirection (it didn't work). Blind faith is a poor servant, and a dangerous strategy.
It was later implemented in the secret plesk control panel, and does work now.

One can acquire painful penalties when one does not know what one is doing.
.

I manually switched all my websites to https 18 months ago (I don't use CF of another CDN anymore) and I didn't experience any traffic and/or Adsense revenue drop whatsoever; my traffic is about 70% higher now and ADsense revenue has almost doubled, instead; both started climbing almost immediately after the move. Within three or four days Google completely reindexed all my websites' pages (more than 3,000) and dropped the http version from the SERP. I can't figure out any reason why moving to https can be detrimental for your traffic, unless:

- the SSL certificate is somehow a bad or untrusted one
- 301 redirections weren't correctly of fully implemented (both at an .htaccess and a Wordpress config level, if your sites are made with WP)
- your websites have mixed content (images still with the old http address, for example); yet, if you are using WP, there are free plugins which rewrite all the internal links for you in minutes, including images'
- you didn't take some time to update all the inbound links you have access to from http to https

My humble suggestion, if you experienced a traffic drop after moving to https, is to check if any of the above is true, and amend what's wrong with them; thereafter, you should see a positive effect in just few days

@riccarbi

I second your thoughts. I made a huge move on both of 15,000+ page sites back in October.

I saw no immediate improvement, but no losses either. After 10 weeks, rankings climbed a little overall.

I followed the detailed check list on movingtohttps.com and had an outside SEO verify all my changes. I spent a day formulating the plan and less than 3 hours to implement it over the 2 sites.

After moving to https (2 months ago), 38% drop in visits/rankings! Checked every single step, but everything seems fine.

As I understand it, Google has said that its algorithm currently treats http and https sites exactly the same in determining their search rankings. This could explain why so many http sites are still ranking high in the results.

So the traffic changes that some members have reported after switching to https are probably due to other factors. Technical errors in the new implementation are one obvious possibility, although some members have insisted that they didn't make any errors yet still suffered traffic losses. Sometimes I see popup warnings for invalid or expired certificates which might cause problems.

At some unknown time in the future, google's algorithm reportedly will use https as a "tie-breaker" when other factors give virtually the same ranking score. This would have a very minor effect. But bigger factors could eventually come into play, such as site speed and user-reactions to "non-secure" and "invalid certificate" warnings.

Meanwhile, if you have an http site that is still doing well, why risk making a switch at this point when you can just as easily do it later.

Not so much carelessness, as ignorance.

Thanks, Sally. I pretty much thought that this might have been the case, but I wanted to give you every benefit of the doubt.

I also want to debunk the notion that there's a special "filter you go through when you 301 links to https" The move to https is not a "trap" set up by Google.

I'm still not understanding your earlier post, though, where you say...

I went back and read your post on page 1, and I must admit that seems like a very plausible explanation for my situation.

What is it that sounded plausible, when you admit you hadn't checked your redirects to make sure that they worked, and, when you did, found out that they'd been done incorrectly?

Google seems to be digesting our https URLs pretty quickly. (I just changed the site over quite recently, and Search Console is showing quite a few of the pages indexed.)

My sites have plummeted in the rankings since switching to https. Initially my sites had a 'B' rating at ssllabs.com, but since moving to a newer platform, and gaining 'A' rating, the situation has worsened further.

The only theory that makes sense, is that older links have been re-evaluated somehow, and that is why my sites have lost positions. My sites are all quite old (10 - 15 years), and many of the inbound links are old too.

Is there a consensus that it is older sites that are losing their ranking after switching to https?

I can’t see google reevaluating bazillions of links. maybe they just lose a bit of juice when they go through a 301, so you’re losing juice off of hundreds or thousands of links at once. The less links you have, the more of an effect it has

I can’t see google reevaluating bazillions of links. maybe they just lose a bit of juice when they go through a 301, so you’re losing juice off of hundreds or thousands of links at once. The less links you have, the more of an effect it has

Could be. All we can do here is report the symptoms and try to figure out the causes based on that.

Also, I don't think that anyone is saying that Google are deliberately penalising sites for switching to https, however there are way too many site owners complaining about this issue for it not to be real. The question is still why sites drop in rank after the switch, and there is still no consensus. It may well be a bug in Google's algorithm.

Don't forget that all pages are being reevaluated right now and for the next couple months. We are right in the middle of a slow rollout of the Mobile-First Index [webmasterworld.com]

Don't forget that all pages are being reevaluated right now and for the next couple months. We are right in the middle of a slow rollout of the Mobile-First Index [webmasterworld.com]

Plenty of non-mobile-friendly sites now outranking mine that did not do so before.
My sites are all mobile friendly.

It does look like a pagerank hit, where all my pages have dropped since making the change to https.

If you're using a CDN you may want to make sure it's properly configured, especially if you're using pull origin. You can test this by running your page through [webpagetest.org...] to see if you're getting an F score for "Cache static content". In that instance, you'll see css/js/svg/font/static files being rejected from the CDN and served from your domain instead.

1) Make sure HTTP/2 is activated on your server. For instance, Apache requires you to install the mod_http2 module. You can use the following site to determine if your site's been configured for HTTP/2: [tools.keycdn.com...]

2) When transitioning to HTTPS you may activate HTTP/2, but the CDN may have an old configuration set to only support versions HTTP/1.1, HTTP/1.0. You'll have to update its settings to accept all three: HTTP/2, HTTP/1.1, HTTP/1.0

3) Check the CDN's origin SSL protocols. It may be set to TLSv1 and SSLv3 when it should probably be set to just TLSv1.2 or at least TLSv1.2, TLSv1.1, and TLSv1

4) Check the CDN's origin protocol policy (how the CDN should connect to your site) to make sure it's not set to only HTTP. It should either be set to HTTPS or match protocol.

5) Make sure your CDN whitelists the "origin" header, otherwise your static files may not be cached according to the settings established by your server. For instance, if your site is setup to instruct browsers to cache CSS or JS files for an extended period of times (e.g., months, one year) and your CDN is set to reject your response headers, none of your caching rules will take effect which means your visitors aren't getting an optimum cache experience. Some CDNs will reject any headers you send for optimization purposes unless you instruct otherwise.

6) Make sure you're starting with a small HSTS setting of around 5 minutes and increment upward over time once things are looking good. The following website will test your site for HSTS and provide recommendations on how to increment it over time:
[hstspreload.org...]

7) Take a look at HTML5 Boilerplate Server Configs for how to optimize your server, especially for SSL and HTTPS: [github.com...]

8) If you're using WordPress Yoast SEO plugin, you may want to check your sitemap to make sure the links are pointing to the "https://" links. If not, deactivate just the sitemap setting (not the entire plugin) then reactivate to fix.

9) When you're done, run your site through both [webpagetest.org...] and [ssllabs.com...] to make sure nothing is awry.

10) This should be obvious and previously mentioned, but make sure your 301 HTTP to HTTPS redirects are in place.

It does look like a pagerank hit, where all my pages have dropped since making the change to https.

Were there any other sitewide changes at the same time, or just the move to https?

Other structural changes will take Google some time to figure out.

It does look like a pagerank hit, where all my pages have dropped since making the change to https.

Were there any other sitewide changes at the same time, or just the move to https?

Other structural changes will take Google some time to figure out.

Just the move to https.

The same here. It was just move to https.

Although we do not use HSTS, but we set the SSL properly.

Note: We do not use rel=canonical since we use 301 redirects and have responsive layout. Is rel=canonical still necessary?

Maybe google should have held off on pushing this switch to https until the process is improved and streamlined, and the risk of losing traffic is reduced. I can understand why ecommerce sites would need https, but for static article sites, concerns about security are being greatly overblown.

But because of the unnecessary atmosphere of rush that google has created, I've been looking at options for how to make the switch to https for my sites, but haven't found anything I like.

Because there are still lots of large organizations on http sites, I doubt that google will take any more concrete steps to push this further for some time. So I'm waiting to see what develops.

@aristotle

Well, you may wait for the better times ... anyway browser msgs are going to irritate your users as well, and I'm pretty sure it will affect the SERPs, if not now, then pretty soon.

The main issue is with backlinks. Obviously the Google SE algo is still not conversant with redirecting backlinks from http to https, although we used several channels to inform googlebot as well as using GWT account, sitemaps and 301 redirects which should point him to the right direction. It seems this part is still not working as it should or as they officially state (although I cannot remember I read any official announcement on google blogs regarding this, except 'random google guy told me' stories).

At this point out traffic decreased 30% and still no signs of recovery. Some SERPs just vanished and some are crumpled somewhere below 2nd SERP. We run content related community (ugc + authority content) for almost 10 years and this kind of a decrease/increase flux was noticed only during some b&w-algo-change eras (Panda/Penguin).