Skip to main content

HTTPS Pages without HSTS

HTTPS pages which include a Strict-Transport-Security HSTS header in the HTTP response headers

Priority: Low

Impact: Negative

What issues it may causeโ€‹

If any pages are being served on the HTTP protocol without a redirect, users will be able to access them on the HTTP protocol resulting in a poorer user-experience. This may result in a higher bounce/exit rate reducing conversions.

How do you fix itโ€‹

A Strict-Transport-Security HSTS header should be included the response headers on all HTTPS URLs.

What is the positive impactโ€‹

Users who have interacted with an HTTPS page that contains an HSTS header will be automatically redirected in the browser from any HTTP URLs on the same domain to the HTTPS equivalent, resulting in fewer pageviews of HTTP URLs, and a more secure experience.

Users will not see any further pages as insecure, resulting in an improved user-experience and a lower rate of bounce back to search results. This may positively impact the rankings and increase traffic.

How to fetch the data for this report templateโ€‹

You will need to run a crawl for report template to generate report. When report has been generated and you have crawl id you can fetch data for the report using the following query:

query GetReportForCrawl($crawlId: ObjectID!, $reportTemplateCode: String!) {
  getCrawl(id: $crawlId) {
    reportsByCode(
      input: {
        reportTypeCodes: Basic
        reportTemplateCodes: [$reportTemplateCode]
      }
    ) {
      rows {
        nodes {
          ... on CrawlUrls {
            pageTitle
            url
            foundAtUrl
            deeprank
            level
            hsts
            https
            redirectedToUrl
            foundInGoogleAnalytics
            foundInGoogleSearchConsole
            foundInBacklinks
            foundInList
            foundInLogSummary
            foundInWebCrawl
            foundInSitemap
          }
        }
      }
    }
  }
}

Try in explorer