Technical
TechnicalLow

HTTPS Protocol Links

Checks that internal links use https:// consistently.

What this check measures

We scan all internal `<a href>` links and flag any using http:// (insecure) or protocol-relative // when the site is HTTPS-only.

Why it matters

Each HTTP internal link forces a redirect hop, wasting time and crawl budget. Hardcoded http:// URLs are usually leftovers from HTTPS migration that were never cleaned up.

search

How our audit detects it

Parse all internal <a href> values. Flag http:// or // protocol.

Typical findings

  • error_outlineFooter still links to http://example.com/privacy.
  • error_outlineImage src uses http:// on an HTTPS site (mixed content bonus).

How to fix

Replace all http:// with https:// in templates and content. For inherited content, use CSP upgrade-insecure-requests as a safety net.

Frequently asked questions

Are protocol-relative URLs OK?expand_more
Historical pattern, now unnecessary — always use https:// for internal links.

Want this checked on your site?

Pantra runs the full audit (SEO, Security, GEO, Performance, Schema, Technical, Images) in 10 seconds and generates stack-specific fix prompts.

Scan my site

Related checks

Technical

SSR / Pre-rendering

Checks if the page is server-rendered or statically pre-rendered.

Technical

HTTP Status Codes

Checks that pages return proper status codes — 200 for live, 404 for missing, 301 for moved.

Technical

No Client-Side Redirects

Checks that redirects happen server-side, not via JavaScript.

Technical

Viewport Meta Tag

Checks for <meta name="viewport" content="width=device-width, initial-scale=1">.

Learn more in the Glossaryarrow_forward