Enforce HTTPS (redirect http→https)

HTTPS is a confirmed ranking signal and a hard trust requirement — browsers flag plain HTTP as “Not secure”, killing conversions. Serving both http and https without a redirect also splits ranking signals across duplicate URLs.

How to fix

Issue a single permanent 301 from http:// to the https:// equivalent at the edge or web server, and add HSTS so browsers skip the insecure hop entirely.

# nginx
server {
  listen 80;
  server_name example.com;
  return 301 https://$host$request_uri;
}

---

Detected automatically by the SEOlvl SEO Health audit (check https). Run a free audit or see the full issue library.