Yet another step by Google to achieve HTTPS Everywhere
Taking another step in its crusade against HTTP, Google now redirects AdWords clicks to the HTTPS version of a URL. This is done if you have the HTTP version of a URL in AdWords and Google detects your site supporting HTTPS. In other words, Google will show the HTTPS URL instead of HTTP—if both URLs are available.
The announcement of this move was made on May 17 along with support for AMP page in AdWords. However, the latter seems to have stolen the former’s thunder with very few people taking note of it. However, we, as you know, don’t leave out a single detail pertaining to HTTPS.
Citing “faster, safer and better digital experiences” as its motives, here’s what Google wrote on its official blog:
“You want your customers to have a safe and secure experience, every time they engage with your website. But too many brands still use unencrypted HTTP to send users to their landing pages. That’s why Google strongly advocates that sites adopt HTTPS encryption, the industry standard for ensuring the security and integrity of data traveling between the browser and the website.”
The redirect to HTTPS will be done in two cases:
- If the site has implemented HTTPS Strict Transport Security (HSTS).
- If the site has HTTPS URLs equivalent to HTTP ones and redirects via 301.
To notify advertisers of this change, Google has started rolling out a notification the AdWords panel. Here’s how it looks:
Along with this notification, Google has also started warning advertisers in AdWords if they’re serving unencrypted URLs.
As good as this move by Google is, there are still chances of a user visiting HTTP URL directly or through any other source. That’s why it’s in everyone’s best interest to redirect from HTTP to HTTPS using 301.
Google has been dealing minor blows to HTTP usage for some time, and this is just one more of them. Added up, you can see exactly where Google is trying to reach: HTTPS everywhere. Having said that, the real hammer blow is yet to be delivered. Beginning this July, Google will start marking all HTTP sites as ‘Not Secure.’
I’ve already started the countdown, have you?