Recently I was looking at this site on Google Search Console, and noticed a few warnings about HTTP canonical URLs. This was a little confusing, since all my content is HTTPS, and it was only happening on one site. Turns out the problem was a GitHub Pages setting I’d forgotten to change…

The issue

So, here’s the warning I had in Google Search Console:

HTTP marked with canonical tag

These pages are not served over HTTPS. HTTPS is a requirement for a good page experience.

Looking at this site’s source code… Google had a good point! All internal references were to http URLs that were then being redirected to https via Cloudflare when navigated to. This applied to asset references as well as the canonical URL.

The investigation

I’m in a unique situation where I have multiple almost identical sites, helping narrow down the problem. Since this issue only affected my programming site, I knew it wasn’t a template issue, and was specific to this project.

Since the issue is in the source code, I assumed it had to be within my codebase. As such, I looked into where this base URL comes from, including a completely unnecessary dive into the Jekyll SEO plugin that generates these meta tags.

After looking into the SEO plugin, my theme (minimaJake), and this site’s config and finding no issues at all, I widened my search to GitHub pages. Sure enough, it was an obvious fix…

The solution

Tick this box:

Yep, that was it. Ticking that box and rerunning the GitHub Actions build now generated HTTPS URLs in the source code, and solved the issue entirely.

Initially, I didn’t understand how this fixed it whatsoever. Surely this checkbox only changes how the already generated website is served, and doesn’t do anything about rewriting code?

Nope! I compared the code generated by the GitHub action with the checkbox checked and unchecked, and every meta URL changed between https:// and http://. This means the “Enforce HTTPS” GitHub pages checkbox impacts the default Jekyll GitHub action!

I suspect this fix also applies to many other Jekyll unsecured HTTP issues, since it’s not very intuitive that the GitHub action (usually controlled via a static config file) changes behaviour based on a GitHub setting.