From HTTP to HTTPS
-
Hi
We have implemented HTTPS to the our website. Do we need to now redirect the whole site to HTTPS in the HTTACCESS file?
Because when you enter the site via a google search or enter the domain directly the site is set to HTTP once we click on a URL on the page it sets it to HTTPS so do we require to redirect from the start?
thanks
E -
That Stack Overflow discussion goes into getting Google Tag Manager up and running. It's best to clean up URLs to get as many as possible pointing to HTTPS. That way you're not making unnecessary redirection hops with things you can control. Cheers!
-
Thanks guys
Just to confirm would you recommend goign through and altering all links that point to HTTP to HTTPS for example: google+, analytics etc or would the redirect be sufficient and do this automatically?
Also noticed that google analytics and adwords are now blue and not green in tag assistant once the change was made - any ideas?
thanks
R
-
Right. If you want the HTTPS from the start you'll need to redirect to it. There's a few nice discussion around how over at Stack Overflow, here's one such example: http://stackoverflow.com/questions/13977851/htaccess-redirect-to-https-www. The code you use may vary depending on what you want to achieve.
-
Hi Ram,
Yes, you absolutely should redirect all of your HTTP pages and other resources to the HTTPs version to prevent the situation you describe happening. It's likely Google will see duplicates of each of your pages which will cause ranking issues.
There's a great check-list at the bottom of this blog post by Cyrus Shepard which will take you through everything you need to do.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Redirecting traffic to https
Hey! i was wondering, should i force all traffic to https address? i know that overall a better secured website will rank better since it earns more trust from users which means less bounce rate and the list of benefits is endless..
Intermediate & Advanced SEO | | SharonEKG
but should i FORCE ALL traffic to a https? or maybe only force a http to https? or not at all?2 -
Google cache is for a 3rd parties site for HTTP version and correct for HTTPS
If I search Google for my cache I get the following: cache:http://www.saucydates.com -> Returns the cache of netball.org (HTTPS page with Plesk default page) cache:https://www.saucydates.com -> Displays the correct page Prior to this my http cache was the Central Bank of Afghanistan. For most searches at present my index page is not returned and when it is, it’s the Net Ball Plesk page. This is, of course hurting my search traffic considerably. ** I have tried many things, here is the current list:** If I fetch as Google in webmaster tools the HTTPS fetch and render is correct. If I fetch the HTTP version I get a redirect (which is correct as I have a 301 HTTP to HTTPS redirect). If I turn off HTTPS on my server and remove the redirect the fetch and render for HTTP version is correct. The 301 redirect is controlled with the 301 Safe redirect option in Plesk 12.x The SSL cert is valid and with COMODO I have ensured the IP address (which is shared with a few other domains that form my sites network / functions) has a default site I have placed a site on my PTR record and ensured the HTTPS version goes back to HTTP as it doesn’t need SSL I have checked my site in Waybackwhen for 1 year and there are no hacked redirects I have checked the Netball site in Waybackwhen for 1 year, mid last year there is an odd firewall alert page. If you check the cache for the https version of the netball site you get another sites default plesk page. This happened at the same time I implemented SSL Points 6 and 7 have been done to stop the server showing a Plesk Default page as I think this could be the issue (duplicate content) ** Ideas:** Is this a 302 redirect hi-jack? Is this a Google bug? Is this an issue with duplicate content as both servers can have a default Plesk page (like millions of others!) A network of 3 sites mixed up that have plesk could be a clue? Over to the experts at MOZ, can you help? Thanks, David
Intermediate & Advanced SEO | | dmcubed0 -
Http and https protocols being indexed for e-commerce website
Hi team, Our new e-commerce website has launched and I've noticed both http and https protocols are being indexed. www.mountainjade.co.nz Our old website was http with only the necessary pages running https (cart, checkout etc). No https pages were indexed and you couldn't access a https page if you manually typed it into the browser. We outrank our competition by a mile, so I'm treading carefully here and don't want to undo the progress we made on the old site, so I have a few questions: 1. How exactly do we remove one protocol from the index? We are running on Drupal. We tried a hard redirect from https to http and excluded the relevant pages (cart, login etc from the redirect), but found that you could still access https pages if you we're in the cart (https) and then pressed back on the browser button for example. At that point you could browse the entire site on https. 2. Is the safer option to emulate what we had in place on the old website e.g http with only the necessary pages being https, rather than making the switch to sitewide https? I've been struggling with this one, so any help would be much appreciated. Jake S
Intermediate & Advanced SEO | | Jacobsheehan0 -
Visibility for https://goo.gl/gJH7eh
Hi Mozzers, I am wondering if anyone can help me with the following. At the start of May this year we really lost visibility for the homepage of this site https://goo.gl/gJH7eh. This was particularly noticeable by tracking rankings for the term 'oak furniture'. We previously ranked on page 1 for the term 'oak furniture', but since May the homepage has struggled to make the top 100 positions for this term. We're confident that we have done everything within Google's guidelines, but it seems something is really holding the homepage back. The site ranks on page 1 for 'oak furniture' on Bing. The site had previously had a manual penalty for unnatural links (warning received several years ago). These links had a particular emphasis on using the anchor text 'oak furniture'. When we took over the site we did an extensive link clean up and disavow and managed to get the penalty removed at the end of October 2013. Any help would be greatly appreciated. Karen
Intermediate & Advanced SEO | | OFS0 -
Client has moved to secured https webpages but non secured http pages are still being indexed in Google. Is this an issue
We are currently working with a client that relaunched their website two months ago to have hypertext transfer protocol secure pages (https) across their entire site architecture. The problem is that their non secure (http) pages are still accessible and being indexed in Google. Here are our concerns: 1. Are co-existing non secure and secure webpages (http and https) considered duplicate content?
Intermediate & Advanced SEO | | VanguardCommunications
2. If these pages are duplicate content should we use 301 redirects or rel canonicals?
3. If we go with rel canonicals, is it okay for a non secure page to have rel canonical to the secure version? Thanks for the advice.0 -
How do I add https version of site to Bing webmaster tools?
I could add my site to Google Webmaster tools with no problems, but when I try to add it in Bing webmaster tools it just redirects me to what I already have. Everything is staying the same but the switch from http to https. Anyone else experienced this? This is what I just received back from Bing and it doesn't seem right- I understand that you switched to the https version of your site and you're now trying to use the Site Move tool. However, in order to do this, you must verify the https version of your site first. You cannot do this because it just redirects you to the dashboard. We thank you for reporting this to us. We've investigated on this matter and can see that you're already put a redirect from the http to the https version of your site. We also checked the /BingSiteAuth.xml file and this also redirects to the https version. At this point, we suggest that you remove the current website (http version) that is verified through Bing Webmaster Tool and add your https domain. When done, use the Site Move tool. Thoughts?
Intermediate & Advanced SEO | | EcommerceSite1 -
SEO implications of serving a different site on HTTPS vs. HTTP
I have two sites: Site A, and Site B. Both sites are hosted on the same IP address, and server using IIS 7.5. Site B has an SSL cert, and Site A does not. It has recently been brought to my attention that when requesting the HTTPS version of Site A (the site w/o an SSL cert), IIS will serve Site B... Our server has been configured this way for roughly a year. We don't do any promotion of Site A using HTTPS URLs, though I suppose somebody could accidentally link to or type in HTTPS and get the wrong website. Until we can upgrade to IIS8 / Windows Server 2012 to support SNI, it seems I have two reasonable options: Move Site B over to its own dedicated IP, and let HTTPS requests for Site A 404. Get another certificate for Site A, and have it's HTTPS version 301 redirect to HTTP/non-ssl. #1 seems preferable, as we don't really need an SSL cert for Site A, and HTTPS doesn't really have any SEO benefits over HTTP/non-ssl. However, I'm concerned if we've done any SEO damage to Site A by letting our configuration sit this way for so long. I could see Googlebot trying https versions of websites to test if they exist, even if there aren't any ssl/https links for the given domain in the wild... In which case, option #2 would seem to mostly reverse any damage done (if any). Though Site A seems to be indexed fine. No concerns other than my gut. Does anybody have any recommendations? Thanks!
Intermediate & Advanced SEO | | dsbud0 -
Website Displayed by Google as Https: when all Secure Content is Blocked - Causing Index Prob.
Basically, I have no inbound likes going to https://www.mysite.com , but google is indexing the Homepage only as https://www.mysite.com In June, I was re included to the google index after receiving a penalty... Most of my site links recovered fairly well. However my homepage did not recover for its top keywords. Today I notice that when I search for my site, its displayed as https:// Robots.txt blocks all content going to any secure page. Leaving me sort of clueless what I need to do to fix this. Not only does it pose a problem for some users who click, but I think its causing the homepage to have an indexing problem. Any ideas? Redirect the google bot only? Will a canonical tag fix this? Thx
Intermediate & Advanced SEO | | Southbay_Carnivorous_Plants0