Google AdSense Ready for HTTPS? My Experience Says No

Is Google AdSense supporting HTTPS? Google says YES -- since September 2013 you can use both synchronous and asynchronous Javascript code on your HTTPS website to embed AdSense ads. However is AdSense really ready for HTTPS? Not really.

AdSense's support page suggests the same. While HTTPS is most certainly supported, Google does not recommend it for their publishers due to potential lower earnings.

We don’t recommend that publishers with HTTP sites convert their sites to HTTPS unless they have a strong reason to do so.

If you do decide to convert your HTTP site to HTTPS, please be aware that because we remove non-SSL compliant ads from the auction, thereby reducing auction pressure, ads on your HTTPS pages might earn less than those on your HTTP pages.

"Strong reason" can be a subjective term here, and I believe HTTPS is more than just for protecting the packets transmitted between browsers and web-servers, but also validating the web server against MiTM attacks. In this case if you are a publisher using AdSense to monetise your website, you will need to weight out the pro's and con's before doing the "switch" to HTTPS-only. So, how much less is "might earn less" here? My current experience says "a significant pay cut".

I have been an AdSense user since 2005, and when OzBargain was launched in late-2006, AdSense was the first (and the only) contextual and display advertising network used. Over the years it provided the bulk of revenue to keep the website going. Last December we moved to HTTPS-only as I thought it would be best for our community, but the switch wasn't all smooth-sailing.

Performance issue? Not a big deal with today's multi-core Xeons. Slow down? You can hardly notice. Our Alexa ranking dropped significantly since last December (despite having more traffic than last year), but who still cares about Alexa anyway? The biggest problem we had was actually the reduced revenue from AdSense. Comparing March this year verses March 2013, here are the relative stats from AdSense:

  • Page Views: +13%
  • Earnings: -29%
  • Clicks: -13%
  • Page CTR: -22%
  • CPC: -18%
  • Page RPM: -37%

So despite having more page views, the earnings dropped by almost 30%. Lower Click-Through-Rate translates lower number of clicks. Compounding with lower Cost-Per-Click, I am getting a very sad RPM drop. Lower CPC can be explained by lower auction pressure. Less advertisers also result the same boring ads showing up all the time, resulting lower CTR.

Going deeper into the stats gives you a clearer idea of what's going on.

  • CPM bids dropped by 97%. It was 25% of the revenue before and now almost nothing.
  • Non-AdWords bids dropped by almost 100%. Basically other than AdWords, almost no one on the supply side of advertising network meets the HTTPS requirement.
  • Rich media and Flash ads dropped by 81%. Again, most of them are served from networks that are not compatible with HTTPS.

We used to have quite a few big retailers advertising on OzBargain last year (through AdSense), but you can hardly see any this year. It's probably not Google's fault though, and I am not sure what they are able to do here. It's the advertising networks, the media agencies, the advertisers -- the whole suite needs to move onto HTTPS, which might take a while unless there's a crisis or strong demand (just look at IPv6 migration).