If youโve noticed that your WordPress website displays both http:// and https:// in the canonical URL, it can be confusing and concerning from an SEO perspective. Duplicate content issues must be prevented, and only the correct version of web pages should be indexed. That is where canonical URLs come in. Ideally, your canonical URL should only reflect one versionโeither http:// or https://- to keep things consistent and improve your SEO performance.
In this article, weโll look at why this happens and how to fix it so that your WordPress website follows best practices for SEO.
What Is a Canonical URL?
Before we get into why this is the case, letโs first define what a canonical URL is. A canonical URL is a tag in the HTML <head> section of a webpage. This tag helps prevent duplicate content problems when the same content is available using different URLs by telling search engines which version of the page is a primary version. For example, a page might be accessible via http://yourdomain.com and https://yourdomain.com. If you donโt have a canonical tag, search engines could see these as two separate pages, splitting the SEO value and hurting your rankings.
The canonical tag helps aggregate all of those ranking signals and helps this page rank better in search engines because the page consolidates around the preferred URL. Ideally, this tag should always point to the https: if you have moved to HTTPS for enhanced security, especially if you have a https:// version of your website.
Why Does My WordPress Website Include Both http:// or https:// in the Canonical URL?
There are several common reasons why a WordPress website might include both http:// and https:// in the canonical URL. Here are the most frequent causes:
1. Mixed Content Issues
One of the primary causes of seeing both is http:// and https:// is considered mixed content is in the canonical URL. Mixed content is when you load a page over HTTPS, but some content (like images, scripts, or links) is still loading over HTTP.
For example, your homepage might be delivered via HTTPS (which is secure), but an internal link, embedded image, or external resource may still be fetched via HTTP. As a result, you end up getting inconsistent canonical URLs. WordPress, not knowing which version to prioritize, might include both http:// or https:// in the canonical link.
2. Incorrect WordPress Settings
Incorrect settings in your WordPress General Settings are another common reason for the issue.
In WordPress, there are two key fields that control your websiteโs URLs:
โข WordPress Address (URL): This is where WordPress files are kept.
โข Site Address (URL): This is how others will see your site and what your public URL is.
If these settings are not both configured to use https: WordPress might generate mixed canonical URLs. For example, if your WordPress address is set to http://, but your site address is https://, WordPress may generate canonical URLs with both protocols.
3. SSL Installation Issues
If youโve recently installed an SSL certificate and switched your website from HTTP to HTTPS but did not configure it properly, this could lead to both http:// and https:// pages appearing in the canonical tag versions of your pages. This happens because you havenโt set up redirects correctly from HTTP to HTTPS or are still dealing with mixed content on the website.
4. SEO Plugin Conflicts
Most WordPress websites use SEO plugins like Yoast SEO, Rank Math, or All in One SEO to handle their canonical URLs. If these plugins are not configured correctly or if thereโs a conflict between multiple SEO-related plugins, they might generate canonical URLs with both http:// and https://.
For example, the plugin might read your siteโs URL as http://yourdomain.com and automatically add it to the canonical tag while the page itself is being served over https://. In this case, it means that the page protocol will not match with the canonical URL it has.
5. Incorrect .htaccess Redirects
If you changed from HTTP to HTTPS and didnโt set up the proper redirects, both versions of the site could still be available. Without 301 redirects in place, search engines and visitors can still reach your website using HTTP:// and the canonical URL might show both versions.
How to Fix the Issue
To resolve the problem of having both http:// and https:// in your canonical URLs, follow these steps:
1. Force HTTPS for All Pages
Make sure that all pages on your WordPress site are served over HTTPS. Fortunately, simply adding a redirect within your .htaccess file or using a plugin such as Really Simple SSL will allow you to accomplish this. That way, all traffic shall be redirected to HTTPS, and the canonical URL shall be HTTPS as well.
Example .htaccess redirect code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
2. Update WordPress Settings
Count how many characters these two fields contain: WordPress Address (URL) and Site Address (URL), which are displayed under Settings > General in your WordPress dashboard. Ensure both are set to https://.
โข WordPress Address (URL): https://yourdomain.com
โข Site Address (URL): https://yourdomain.com
WordPress will then use the proper protocol while creating URLs.
3. Fix Mixed Content Issues
Mixed content issues can be fixed with tools such as SSL Insecure Content Fixer. This plugin will automatically update any HTTP content to HTTPS. You can also manually look at your website and make sure all your resources (images, scripts, and CSS files) are loaded over HTTPS.
4. Check SEO Plugin Settings
If youโre using the Yoast SEO, go to the pluginโs settings and make sure that the correct canonical URL is produced. The canonical URL should always use the https:// version of your site.
5. Set Up Proper 301 Redirects
If youโre transitioning from HTTP to HTTPS, make sure to set up 301 redirects from the old http:// redirects pages to the new https:// pages. It tells search engines that the page has moved permanently and that the HTTP version is still SEO valuable.
