WIRED began the switch to HTTPS in late April. We hoped the process would take about a month. It’s now mid-August, and although we’ve made plenty of progress, we’re not 100 percent yet. The two big stumbling blocks are still SEO and mixed content issues. Although we’ve missed our goal of transitioning all of WIRED.com to HTTPS before the start of summer, we remain undeterred.
We’ve seen an adverse impact on search performance for the four sections of the site with HTTPS. We’re still trying to figure out why, and whether performance will rebound. The uncertainty makes us hesitant to deploy HTTPS site-wide until we know more. Our SEO team is watching this closely.
During the transition, we’ve seen a lot of HTTP assets being delivered on HTTPS pages. An insecure HTTP asset loaded within a secure HTTPS context is called a “mixed content” issue. As we see these problems, we address the systemic causes to reduce the overall number of issues. The good news is, we’re seeing patterns in the mixed content issues, which allows us to address them more quickly. This typically originates with ad content, and our ad operations teams are improving processes to detect mixed content issues before they hit our site.
You can see the trend below. The graph shows the ratio of mixed content issues to page views. We are trending downward, with some spikes due to the occasional problematic new ad.
Overall, we’re finding a rhythm identifying and addressing mixed content issues. We continue improving our code for collecting mixed content issue reports, some of which we’ll share once our transition is done. What’s more, we’re categorizing reports based on type (e.g., editorial content vs. ad content) to better prioritize reports and address issues sooner. Finally, we’ve seen WebKit developers start implementing the “upgrade-insecure-requests” Content Security Policy directive, which …