Site not served over HTTPS

HTTPS is a baseline expectation and a lightweight ranking signal. Pages still on HTTP are marked Not secure by browsers.

What it is

This check flags URLs delivered without TLS encryption. Data travels in clear text and the browser shows a Not secure label.

Why it matters for SEO

Google has used HTTPS as a ranking signal for years, and Chrome warns users away from HTTP pages, which depresses click-through and conversions.

Example

http://example.com/contact   (no TLS, browser shows: Not secure)

How to fix

1. Install a valid TLS certificate (Let's Encrypt is free).
2. Serve all pages over https://.
3. Add a site-wide 301 redirect from HTTP to HTTPS.
4. Update canonicals, sitemaps, and internal links to HTTPS.

Related checks

• Invalid SSL certificate
• Mixed content
• Non-200 HTTP status

← Knowledge base