HTTP vs HTTPS differing statistics?

Maybe somebody can explain why my site gets drastically different statistics as HTTP vs HTTPS?

I got my domain name through Host Gator a year ago. I got an SSL cert to have an Https site. I created the site via Blocs as an Https site and uploaded it and changes over the year as Https. Included in the created Blocs site was a GA tracking code for this Https site.
The site has about 7 or 8 pages. The stats for the site are understandably very low. Awstats gives you the option of viewing stats for SSL and http sites. Today I looked at the Http site stats and it has drastically higher stats.
Today Google visited both “sites” 155 hits and Bing 55 hits worth. On the Awstats http site Google indexed 15 pages and Bing 5 pages are indexed, two external inks are listed. On the Https site neither Google or Bing indexed anything and no external links. Google, bind and Yandex and other bots visit the Http several times a month
How can they find identical content and pages so different? Where do they get Http site info when I only use Https:?
I looked at other months and pattern is the same one site is “interesting” but not on my server and the other not so. GA statistic issues are very similar although you can get realtime comparisons of the two.
Any help would be appreciated.

At the moment it sounds like robots and humans can visit either version and having an SSL certificate does not stop that by itself. You could try redirecting everything to the https version with some htaccess as described here:

At a later stage you could also enable HSTS Preload, however that should only be done if you are certain you will always work with https.

1 Like

My sites have been HTTPS for years, and I have all the .htaccess redirects setup too. I’ve never considered HSTS Preload though. It’s too strict for my taste. Interestingly, if you type “” or “” into that web page you suggested, you’ll see even they don’t have it setup, despite the fact they are all secure HTTPS sites.

Yes it’s a one way street and I wouldn’t do it on a client site. I’ve used it on a few of my sites for a year or two without problem, since it does provide an extra layer of security and a modest improvement in page speed. Facebook uses it.

I appreciate your comments.The coding is far beyond my skill set but I do appreciate it.

I still do not understand how google and bing can look at the same data/pages, one as an http and the other as an https and come to different conclusions about the site.
How do they look at a published https site and determine that it is http?

Given my limited understanding it seems to defeat the purpose of an ssl certificate if the search engine determines ie penalizes you for the certificate.

The search engine is not penalising you for the SSL certificate. It’s just that you’ve left the door open for visitors including search engines to see non encrypted pages and this is showing in your stats.

SSL is required for SEO. Google considers it a trust factor. If you’re using SSL you need to 301 redirect your HTTP traffic to HTTPS or you’ll have double indexation of your pages - all this does is dilute any potential for ranking.