On 08/06/14 Google announces a new major change that will force the entire industry to switch to SSL / HTTPS across the board. I don’t think anyone was taken by surprise, but HTTPS became a new ranking signal in Google’s algorithm. HTTPS was a consistent trend in Google in the past couple of years and it’s going to continue growing, because Google believes that security is their top priority. Forcing SSL means that Google Search and Google products users will automatically have a secure connection.
HTTPS Migration
To ensure the smoothest HTTPS migration, you will need to purchase 2048-bit SSL, please make sure you have SSL for each of your sub-domains (www. and the non www. versions) or you can get a wildcard SSL (*.domain.com) that will secure a domain and all of it’s first-level sub-domains. Once you installed SSL, you need to force HTTPS across the board, to avoid duplicated content problems. There is no need to submit a change of address in Google webmaster tools, a 301 permanent redirect with parameters passing will do the trick.
Before you force HTTPS, please make sure all of your internal hard-coded and dynamic absolute URL links pointing to your internal resources and media, have HTTPS prefix or use a relative URL structure, otherwise you pages will return a Mixed Mode Content security warning in your browser.
Absolute URL structure example: https://www.domain.com/absolute-url-structure
Relative URL structure example: /relative-url-structure
REGEX redirect Syntaxes
If you are using mod_rewrite or ISAPI rewrite filter for IIS such as IIRF or HeliconTech, you can use the following REGEX to force HTTPS:
RewriteCond %{HTTPS} off RewriteCond %{SERVER_PORT} ^80$ RewriteCond %{HTTP_HOST} ^(?!www\.).*domain\.com$ [NC] RedirectRule ^/(.*)$ https://www.domain.com/$1 [R=301]