SSL in Session
-
fellow mozzers,
i have a question concerning ssl.
we were working on a new webshop - the login and all the steps of the shopping cart are secured with ssl, all the other (and important) sites of the webpage are regular http.
but if you have visited one site with ssl, the whole session you will be forwarded to the ssl versions, so all pages turn to ssl pages. for me this looks like a possible spider trap for an search engine as they wont find any non-https sites anymore, and these are the ones i want in the index.what do you think? my personal opinion is to make the ssl sites autonomous from the session, but i need some more opinions, as my developer are telling me that this would be alot more work for them.
thanks in advance
seth -
our site is selfmade with our own cms.
we could handle it with absolute links, but that isnt the solution i am looking for.
the question is "is the solution we are currently using, a spider trap?", if the answer is yes, we need to make it happen that only a few sites are ssl secured and it doesnt depend on session.
thank you marisa.
-
Are you using a CMS for your site? Some of them have a setting that will automatically make all the links absolute.
-
Hi Marisa,
Thanks for your reply.
My site is huge
unfortunately this solutions doesnt work for me.
any other ideas :-)?
thanks
-
Hi Marisa,
Thanks for your reply.
My site is huge
unfortunately this solutions doesnt work for me.
any other ideas :-)?
thanks
-
A quick fix if you have a rather basic site, would be, on the SSL pages, make all the links to other pages absolute rather than relative.
Instead of page.html
do http://www.site.com/page.html
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
De-indexing and SSL question
Few days ago Google indexed hundreds of my directories by mistake (error with plugins/host), my traffic dropped as a consequence. Anyway I fixed that and submitted a URL removal request. Now just waiting things to go back to normality. Meantime I was supposed to move my website to HTTPS this week. Question: Should I wait until this indexing error has been fixed or I may as well go ahead with the SSL move?
Technical SEO | | fabx0 -
Cloudflare shared SSL certificate vs Letsencrypt
Cloudflare does have a free SSL certificate, which is shared among many domains (in my case 30+ domains). An alternative would be to use letsencrypt and generate a dedicated certificate. Can a shared SSL certificate hurt my google ranking?
Technical SEO | | danielbeck0 -
Can you have an SSL cert but still have http?
I was under the impression that if you got an SSL cert for your site that the site would change to https. I ran this site: http://thekinigroup.com/ through an SSL checker and it said it had one...but it's http. 1. Why didn't it change to https? Is there an extra step there that needs to be done? 2. Is there a reason someone would choose to get an SSL cert, but not have https? Thanks, Ruben
Technical SEO | | KempRugeLawGroup0 -
Should I add SSL certificate site-wide? Or just on Checkout?
I'm setting up my SSL certificate and my programmer said it's smart to just apply it to the entire site. I'm concerned about how this could affect my SEO work. I've heard as far as SEO is concerned, applying it to just the checkout pages is the best way to do it. What are your thoughts? What are potential problems?
Technical SEO | | Webmaster1230 -
Google Impressions Drop Due to Expired SSL
Recently I noticed a huge drop in our clients Google Impressions via GWMT from 900 impressions to 70 overnight on October 30, 2012 and has remained this way for the entire month of November 2012. The SSL Cert had expired in mid October due to the notification message for renewal going to the SPAM folder and being missed. Is it possible for an SSL expiry to be related to this massive drop in daily impressions which in-turn has also effected traffic? I also can't see any evidence of duplicate pages (ie. https and http) being indexed but to be honest I'm not the one doing the SEO therefore haven't been tracking this. Thanks for your help! Chris
Technical SEO | | MeMediaSEO0 -
Please advice needed SSL .htaccess
Hi everyone, I recently installed verisign ssl. the idea to have page https://example.com all redirect from non-http to https work properly, but in IE whenever smbdy types https://www.example.com it shows the red screen with invalid certificate. If you click "proceed" - everything goes to normal page and on server redirect www to non-www seem to work fine. Is there way to get rid of the warning? Is it server or certificate issue? Here is the peice of code from htaccess. Please, advice needed! RewriteEngine On RewriteBase /RewriteCond %{HTTPS} !=on RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] Thanks in advance
Technical SEO | | Kotkov0 -
Problem with canonical url and session ids
Hi, i have a problem with the following website: http://goo.gl/EuF4E Google always indexes the site with session-id, although i use canonical url in this page. Indexed sites: http://goo.gl/RQnaD Sometimes it goes right, but sometimes wrong. Is it because we separate our session-id with ";" as separator? In the Google Webmaster Tools, i can´t choose jsessid as a parameter, so i think google does not recognize this. But if we have to change it (f.e. ? as separator) we have to spend many days in programming. Any ideas? thanks for your help!
Technical SEO | | tdberlin0 -
Is a redirect based on a session cookie hurting rankings?
My clients business is divided in chain stores. All stores are set under the same franchise. There is one domain www.company.com with branches like www.company.com/location1/content and www.company.com/location2/content etc. I've taken care of duplicate content issues with rel="canonical" and duplicate page titles are also not a concern, anymore. Right now the concept is like this: If you visit the site for the first time you get to choose between the locations. Then a cookie is set and once you revisit www.company.com it will redirect you via a php header command to the location stored in your cookie: www.company.com/location1/content. My question is if this might hurt rankings in some kind of way as these aren't permanent redirects with a 301 but rather individual ones, based on your cookie.
Technical SEO | | jfkorn0