Still not all sites actually use HTTPS sitewide these days. According to the latest statistics from BuiltWith, only 4.2% of the top 10,000 websites redirect users to SSL/HTTPS by default. While that number appears small, the percentage drops to 1.9% for the top million sites.
Websites using SSL by Default
So, how do I migrate to HTTPS?
Nevertheless, migrating is certainly something to bear in mind over the coming months, as Google is sure to continue its push towards improved online security. So, if you do decide to implement the augmented security certificate, here’s some useful advice on how to do it right.
If your entire site is already running on HTTPS then you shouldn’t need to worry, but we still recommend that you test its security level and configuration using this SSL certificates tool. If you don’t have an SSL certificate, and are looking to incorporate HTTPS for your site, here are a few basic tips for getting started recommended by Google directly:
- Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
- Use 2048-bit key certificates
- Use relative URLs for resources that reside on the same secure domain
- Use protocol relative URLs for all other domains
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag
- Check out our Site move article for more guidelines on how to change your website’s address