Update: I’ve now enabled TLS on this site, and url auto-redirection to https is now in effect. This should now all be seamless.
About a month ago, I turned-down the no-index switch on my site — a directive it carried since 2010, and Google like clock-work promptly elevated it to the top of its “Past year” search results. It looked fine, until I noticed https prefixed to my site URL. But I am not serving my site over https, so this is annoying. Let me explain.
If a site seeks visitor’s inputs — secret or otherwise, then TLS (encrypting user information/query before transmission) is warranted. But my site is just a catalogue of information, and it seeks no information from a visitor, and so there’s no user interaction to protect. As a result, there is no need for transport layer security. In other words, I serve my site over http by design.
But when a non-https site is accessed through https protocol (thanks Google for incorrectly prefixing my site with https), the browser throws up a cautionary security warning — usually forcing an unsuspecting visitor to backtrack. So, going from complete-obscurity to being-warned-to-stay-away must be progress, I guess.