Does not redirect HTTP traffic to HTTPS

May 4, 2019 — Updated Jun 10, 2020

All sites should be protected with HTTPS. See the Does not use HTTPS post to learn why and how to set up HTTPS on your server.

How the Lighthouse HTTP redirection audit fails #

Lighthouse flags pages that aren't redirected to HTTPS:

Lighthouse audit showing that HTTP traffic isn't redirected to HTTPS

Lighthouse changes the page's URL to HTTP, loads the page, and then waits for the event from the Chrome Remote Debugging Protocol that indicates that the page is secure. If Lighthouse doesn't receive the event within 10 seconds, the audit fails.

How to redirect HTTP traffic to HTTPS #

Once you've set up HTTPS, make sure that all unsecure HTTP traffic to your site is redirected to HTTPS:

Use canonical links in the head of your HTML page to help search engines figure out the best way to get to the page.
Configure your server to redirect HTTP traffic to HTTPS:

Resources #

Source code for Does not redirect HTTP traffic to HTTPS audit
Does not use HTTPS
Document does not have a valid rel=canonical

Last updated: Jun 10, 2020 — Improve article

Return to all articles