Criterion g5-https-ssl : HTTPS / SSL — guide + checklist

Why it matters: it is an anti-duplicate / anti-cannibalization safeguard. When poorly implemented, we often observe: ambiguity (wrong associated query), duplication between pages, or performance loss in loading time.

On high-volume generated sites, this criterion also serves as a **safeguard**: a stable rule prevents 1,000 errors at once.

Approach: express audit (manual + 1 tool). Recommended tool: **curl (headers)**.

1. Open the source code and identify the relevant element (tag/structure).
2. Check the hierarchy and consistency with H1 + intro.
3. Run a crawl to detect pages that violate the criterion.

Tip: first isolate 10 “representative” URLs (top pages + generated pages) before scaling the correction.

Strategy: fix, re-crawl, and monitor in Search Console.

• Check HTTPS + clean redirects.
• Add basic headers (HSTS, reasonable CSP) according to your stack.
• Re-test after deployment.

Then: re-crawl 50–200 URLs, then monitor Search Console over 7–14 days (impressions/CTR/indexing).

Example (illustrative):

• **Context**: FAQ page for real estate in Casablanca
• **Before**: HTTPS OK but headers missing (CSP/HSTS).
• **After**: Added HSTS + reasonable CSP + secure cookies (if applicable).
• **Note**: Goal: reduce risks and improve browser trust.

• [ ] HTTPS everywhere
• [ ] Compliance: ranking factor
• [ ] Clean redirects
• [ ] Basic headers tested
• [ ] No mixed content