User privacy is a matter of the highest importance for Google and for anyone doing business online. HTTPS is a secure protocol that helps protect your customers’ information by encrypting data traveling between a web browser and a web server. Google Ads recommends (and in some cases, requires) that all URLs use the HTTPS protocol instead of HTTP to protect customers’ personal and financial information.
Trust and safety
Customer privacy is a primary concern for your business and for Google Ads. This is why Chrome will mark all HTTP pages as “not secure,” starting in July 2018.
HTTPS enables technologies that speed up the user experience. New performance-enhancing web protocols like HTTP/2 require HTTPS, which is one of the reasons that 81 of the top 100 sites on the web use HTTPS by default. Also, Google Ads speed-enhancing parallel tracking feature requires that all click-measuring URLs (URLs contained in the "Tracking URL" field) use HTTPS. Starting October 30, 2018, parallel tracking will become the only method for click measurement. Because of this, all Tracking URLs will need to use HTTPS.
Because of the security and performance benefits associated with its use, HTTPS has become the standard protocol used on the web.
How to check if your site supports HTTPS
Open your website in a Chrome browser and check which of the following situations apply to you:
- If you notice a green lock icon to the left of the URL, then your site supports HTTPS.
- If the lock does not appear, try re-entering your website URL with “https://” instead of “http://”.
- If the page doesn’t load, then your site does not support HTTPS.
If your site supports HTTPS
Change your Google Ads final URLs and mobile final URLs to use HTTPS. There are three ways to bulk edit ads and keywords:
- The bulk uploads feature within Google Ads (best for smaller accounts)
For this option, download your ads and (if necessary) keywords from Google Ads, update your URLs, and then upload your edited ads back into your Google Ads account. Learn more about making changes with bulk uploads.
- The desktop tool Google Ads Editor
- Google Ads API (AdWords API)
If your site does not support HTTPS
Speak with your web developer or the administrator of your CMS platform. If you manage your own website, you can learn more at the following websites:
Next, follow the steps in the previous section, "If your site supports HTTPS," to change your final URLs and mobile final URLs in Google Ads.
- When you enable HTTPS on your website, it is a recommended best practice to redirect instances of HTTP to HTTPS to make sure old links keep working and visitors to your website are redirected to secure content.
- We strongly recommend that you explicitly change your final URLs and mobile final URLs from HTTP to HTTPS in Google Ads. Reliance on redirects does not provide the full security protections of the HTTPS protocol. Users' requests are not encrypted. Also, redirects slow down page load times, which affect the landing page experience, and can potentially impact your conversion rate and return on ad spend (ROAS).
The best practice is to replace your HTTP URLs with HTTPS URLs. But, in some cases, if you have HTTP URLs in Google Ads and your website is detected as supporting HTTPS, Google Ads will automatically forward your clicks directly to the HTTPS version of the URL.
Starting the week of June 11, 2018, Google Ads will begin forwarding some, or all, of your HTTP clicks to HTTPS in the following situations:
- If your website has implemented HTTPS Strict Transport Security (HSTS), all clicks will be forwarded to HTTPS.
- If a URL is forwarded to an equivalent HTTPS URL via a 301 redirect, all clicks on that URL will be forwarded to HTTPS.
- Secure your Google Ads account
- Secure your Google Ads account: Best Practices
- Secure your Google Ads account: Suspicious emails or calls claiming to be from Google Ads