Secure your Google Ads account: The importance of HTTPS

User privacy is a matter of the highest importance for Google and for anyone doing business online. HTTPS is a secure protocol that helps protect your customers’ information by encrypting data traveling between a web browser and a web server. Google Ads recommends (and in some cases, requires) that all URLs use the HTTPS protocol instead of HTTP to protect customers’ personal and financial information.

Why HTTPS?

Trust and safety

Customer privacy is a primary concern for your business and for Google Ads. This is why Chrome will mark all HTTP pages as “not secure,” starting in July 2018.

Higher performance

HTTPS enables technologies that speed up the user experience. New performance-enhancing web protocols like HTTP/2 require HTTPS, which is one of the reasons that 81 of the top 100 sites on the web use HTTPS by default. Also, Google Ads speed-enhancing parallel tracking feature requires that all click-measuring URLs (URLs contained in the "Tracking URL" field) use HTTPS. Starting October 30, 2018, parallel tracking will become the only method for click measurement. Because of this, all Tracking URLs will need to use HTTPS.

Web norms

Because of the security and performance benefits associated with its use, HTTPS has become the standard protocol used on the web.

How to check if your site supports HTTPS

Open your website in a Chrome browser and check which of the following situations apply to you:

If you notice a green lock icon to the left of the URL, then your site supports HTTPS.
If the lock does not appear, try re-entering your website URL with “https://” instead of “http://”.
If the page doesn’t load, then your site does not support HTTPS.

Learn how to check if a website is safe to visit

Next steps

If your site supports HTTPS

Change your Google Ads final URLs and mobile final URLs to use HTTPS. There are three ways to bulk edit ads and keywords:

The bulk uploads feature within Google Ads (best for smaller accounts)
For this option, download your ads and (if necessary) keywords from Google Ads, update your URLs, and then upload your edited ads back into your Google Ads account. Learn more about making changes with bulk uploads.
The desktop tool Google Ads Editor
Google Ads API

If your site does not support HTTPS

Speak with your web developer or the administrator of your CMS platform. If you manage your own website, you can learn more at the following websites:

Next, follow the steps in the previous section, "If your site supports HTTPS," to change your final URLs and mobile final URLs in Google Ads.

Notes

When you enable HTTPS on your website, it is a recommended best practice to redirect instances of HTTP to HTTPS to make sure old links keep working and visitors to your website are redirected to secure content.
We strongly recommend that you explicitly change your final URLs and mobile final URLs from HTTP to HTTPS in Google Ads. Reliance on redirects does not provide the full security protections of the HTTPS protocol. Users' requests are not encrypted. Also, redirects slow down page load times, which affect the landing page experience, and can potentially impact your conversion rate and return on ad spend (ROAS).

Google Ads automatic redirecting to HTTPS

The best practice is to replace your HTTP URLs with HTTPS URLs. But, in some cases, if you have HTTP URLs in Google Ads and your website is detected as supporting HTTPS, Google Ads will automatically forward your clicks directly to the HTTPS version of the URL.

Starting the week of June 11, 2018, Google Ads will begin forwarding some, or all, of your HTTP clicks to HTTPS in the following situations:

If your website has implemented HTTPS Strict Transport Security (HSTS), all clicks will be forwarded to HTTPS.
If a URL is forwarded to an equivalent HTTPS URL via a 301 redirect, all clicks on that URL will be forwarded to HTTPS.

Was this helpful?

How can we improve it?