Google: Want To Switch To HTTPS? Go Ahead!

Google’s Matt Cutts said on a Hacker News comment that those who are interested in switching their whole web site from http to https should go ahead and do that.

I spotted this comment in response to Facebook going HTTPS by default, where someone mentioned that Google may have an issue indexing HTTPS content. Matt Cutts, Google’s head of search spam, said no – they index it fine and you can “feel free to go HTTPS” at this time.

This is interesting in that we know since Google switched to HTTPS on Google search by default, that the [not provided] statistic in analytics packages have caused a lot of concerns for marketers. In theory, switching your website from http to https, should enable the referrer data to be passed from Google HTTPS to your site and analytics, if you are running HTTPS on your domain as the default.

You should keep in mind, switching your whole site to HTTPS can slow the load time of your pages and take up more processing power on your server. But if you have ample server resources you may want to consider it, especially if you site has sensitive or personal data on your users.

Sites like Google, Twitter and Facebook now default many of their services to HTTPS – so it is not just the checkout process, your bank or credit card companies anymore.

Here is an older video from Matt on HTTPS and Google:

Postscript: I’ve tested to see if Google will pass the query parameter from the default HTTPS version of Google to an HTTPS web page. Google does not pass the query parameter even from HTTPS to HTTPS, they are still stripping it off. So switching your site to HTTPS for the purpose of obtaining the query parameter will have no benefit.

Related Topics: Channel: SEO | Google: Secure Search | Google: Security | Google: SEO | Google: Web Search


About The Author: is Search Engine Land's News Editor and owns RustyBrick, a NY based web consulting firm. He also runs Search Engine Roundtable, a popular search blog on very advanced SEM topics. Barry's personal blog is named Cartoon Barry and he can be followed on Twitter here. For more background information on Barry, see his full bio over here.

Connect with the author via: Email | Twitter | Google+ | LinkedIn


Get all the top search stories emailed daily!  


Other ways to share:

Read before commenting! We welcome constructive comments and allow any that meet our common sense criteria. This means being respectful and polite to others. It means providing helpful information that contributes to a story or discussion. It means leaving links only that substantially add further to a discussion. Comments using foul language, being disrespectful to others or otherwise violating what we believe are common sense standards of discussion will be deleted. Comments may also be removed if they are posted from anonymous accounts. You can read more about our comments policy here.
  • 1918

    “in theory” – always a dangerous way to start a thought

  • 1918

    “in theory” – always a dangerous way to start a thought

  • RyanMJones

    maybe Matt can correct me here. but I was under the impression that Google was stripping the keyword on their site before doing the redirect, so even if you go HTTPS the keyword won’t be present in the referer since Google does an intermediary redirect after you click on results.

  • Andrew Shotland

    I am looking at an all-https client’s analytics and 50% of the keywords are hidden

  • Barry Schwartz

    easy to test

  • RyanMJones

    also, switching to SSL when not needed is a bad idea for the reasons you mention above. Added latency, extra bandwith, and some edge case coding issues.

  • Giacomo Pelagatti

    “In theory” yes, but in practice it doesn’t work like that: I tested more than a year ago, as soon as the change was released. The browser does send a referrer from, but the query parameter (“q”) is stripped from it. I’m quite surprised you seem to don’t know this, Barry.

  • Barry Schwartz

    I was pretty sure Google told us it would pass the query from https Google to your https site.
    I’ll test this myself.

  • Giacomo Pelagatti

    Last time I tested, only worked like that. Let us know!

  • Guest

    Super-easy testing:
    1. Go to
    2. Click on 1st (organic) result.

  • Bron Vourtis

    I’m also looking at the analytics for a site that was changed to all https just on a year ago and at least 30% of the keywords for the past Q are (not provided)

  • Giacomo Pelagatti

    Sorry, I posted the wrong instructions, so I deleted my comment. :)

    Here they are (corrected):
    1. Go to
    2. Click on 1st organic result (which is on HTTPS); your referrer will be displayed in a box near the bottom of the page.

    1. Go to
    2. See step 2 above.

  • Giacomo Pelagatti

    ^This here is my previous comment, which I deleted. :/
    You can use [] to see what happens when clicking from HTTPS -> HTTP (or HTTP -> HTTP).

  • Kelvin Jones

    I was under the impression that the ‘not provided’ keywords were signed in users to protect their privacy. Buf from what I’ve seen, and its only my theory on it, impressions dont change wildly on sites that have higher ‘not provided’ keywords… instead they step and stay at that rate for a few days. My opinion is that Google are A/B testing the best keywords to offer your site and letting you have seach impressions, that way they can see whether their results are better by monitoring the ctr and bounces etc. It could also be a way to prevent fresh updates that may take into account new links/keywords, from becoming transparent. Google realised that if we all were honest with eachother and pooled our data we’d suss the algorithm out. ClusterSEO

  • Barry Schwartz

    So I tested it last night and Google still blocks the query parameter even to an HTTPS page. I’ve updated the post to reflect that.

  • Forrest Corbett

    Sorry but your comment about the overhead of SSL is misleading. It really adds very little overhead, and some would say none.
    “On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that.”

    If you stop reading now you only need to remember one thing: SSL/TLS is not computationally expensive any more.”

  • Andy Gambles

    100% HTTPS is not a problem. We did it more than 5 years ago. Positive aspects at the start were lower bounce rate and higher conversions (split tested EV Green Address bar). But then we sell SSL so it made sense for us to do it.

    You still get [Not provided} even with an SSL site. Ours is tipping 83% of traffic (unless of course you are willing to pay for adwords then they tell you the terms :))

  • Giacomo Pelagatti

    Thank you for updating the post.


    easy to check

Get Our News, Everywhere!

Daily Email:

Follow Search Engine Land on Twitter @sengineland Like Search Engine Land on Facebook Follow Search Engine Land on Google+ Get the Search Engine Land Feed Connect with Search Engine Land on LinkedIn Check out our Tumblr! See us on Pinterest


Click to watch SMX conference video

Join us at one of our SMX or MarTech events:

United States


Australia & China

Learn more about: SMX | MarTech

Free Daily Search News Recap!

SearchCap is a once-per-day newsletter update - sign up below and get the news delivered to you!



Search Engine Land Periodic Table of SEO Success Factors

Get Your Copy
Read The Full SEO Guide