I have had a number of questions about this recently so I thought it would be good for me to write an article that would help to explain what happens to your disavow file when you switch to https. Does changing to https mean that you are starting over with a fresh disavow file? If Penguin refreshes soon, and you make a switch to https today, does this mean that the whole disavow needs to be reprocessed in order for Penguin to treat your https version of your site with trust?

First, you need to re-upload your disavow

Once you have migrated your site to https, you need to register your https version of your site in Webmaster Tools.  And then, you need to upload your disavow file that you used for your http version of your site to your https version.

Here is where you get your disavow file from Google.  You'll get it in the form of a CSV.  You'll need to save that as a .txt file, or copy and paste everything from the CSV into a plain text file.  Then, upload that .txt file to your https version of your site.


Does this mean that you have to wait for your disavow to take effect?

I am getting emails from site owners who are concerned that they have now left themselves with an essentially blank disavow file while they wait for Google to recrawl each of the links in the file.  However, this is not what happens.  I find this difficult to explain, but I think that the following description should help.

When you had just an http version, you filed a disavow and as each of these urls got crawled, Google applied the invisible nofollow tag to links that were pointing to your site. This invisible nofollow basically asks Google not to count these links in their algorithmic calculations that involve links (i.e. Penguin).

When you make the switch to https and immediately upload a disavow file as described above, as each of the urls get crawled again Google applies the disavow so that links pointing to the https are not counted in algorithms that use links.  But, what about the spammy urls that haven't been crawled yet?  Is Google going to see them as unnatural links pointing to your https version?  The key point is that Google is not going to see these links pointing to your https site until they recrawl them.  When they recrawl them then they will apply the disavow.

In other words, as soon as an unnatural link pointing to your https version of your site is picked up by Google, it is disavowed before Google gets a chance to use it in any link algos.

So, as long as you upload your disavow file to your https version of your site in Webmaster Tools there is nothing to worry about!


A few additional points:

  • If you had a lot of unnatural links and you last did a link audit and disavow a number of months ago, it is a good idea to have a look at the new links that are pointing to your site.  I have found that for clients that had link cleanups done, it is amazing how many old spam links are just coming to light now.  You need to disavow those as soon as you see them. I recommend monthly disavows for sites that had to do large cleanups.
  • Most of you know this, but be sure that you are disavowing at the domain level.  It is very rare that I will disavow just one url from a domain.  If you're not doing this, you are likely missing a lot of unnatural links.
  • And finally, don't be in a huge rush to change to https unless it really makes sense for your business. While Google did say recently that https could be considered a ranking signal, it is an extremely weak signal.  In fact, John Mueller from Google recently said that changing to https on its own will NOT cause a ranking increase.  If you do https migration incorrectly you have great potential to mess up your site!


If you have additional questions about this topic, please ask in the comments.  Also, if my description of the scenario doesn't make sense I'd love for some ideas on how to explain this better.

(Thank you to Karl Baxter, Michael Reilly and Adam Szmerling for asking me about this subject and encouraging me to write about it.)