SSL in Session
-
fellow mozzers,
i have a question concerning ssl.
we were working on a new webshop - the login and all the steps of the shopping cart are secured with ssl, all the other (and important) sites of the webpage are regular http.
but if you have visited one site with ssl, the whole session you will be forwarded to the ssl versions, so all pages turn to ssl pages. for me this looks like a possible spider trap for an search engine as they wont find any non-https sites anymore, and these are the ones i want in the index.what do you think? my personal opinion is to make the ssl sites autonomous from the session, but i need some more opinions, as my developer are telling me that this would be alot more work for them.
thanks in advance
seth -
our site is selfmade with our own cms.
we could handle it with absolute links, but that isnt the solution i am looking for.
the question is "is the solution we are currently using, a spider trap?", if the answer is yes, we need to make it happen that only a few sites are ssl secured and it doesnt depend on session.
thank you marisa.
-
Are you using a CMS for your site? Some of them have a setting that will automatically make all the links absolute.
-
Hi Marisa,
Thanks for your reply.
My site is huge unfortunately this solutions doesnt work for me.
any other ideas :-)?
thanks
-
Hi Marisa,
Thanks for your reply.
My site is huge unfortunately this solutions doesnt work for me.
any other ideas :-)?
thanks
-
A quick fix if you have a rather basic site, would be, on the SSL pages, make all the links to other pages absolute rather than relative.
Instead of page.html
do http://www.site.com/page.html
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Cloudflare shared SSL certificate vs Letsencrypt
Cloudflare does have a free SSL certificate, which is shared among many domains (in my case 30+ domains). An alternative would be to use letsencrypt and generate a dedicated certificate. Can a shared SSL certificate hurt my google ranking?
Technical SEO | | danielbeck0 -
Does a DV SSL Certificate Help with SEO more than a standard SSL?
I've found information on both sides of the topics, so I'd love to get some thoughts and insights from people here. Does a DV SSL Certificate have more SEO benefits than a standard SSL certificate? I understand the "boost" from an SSL is minimal, but is there extra value in the DV? Some have argued that since a DV SSL is "certified", that Google gives it more preference over a standard SSL. While others have argued that a DV SSL is only required for specific types of websites, which is why Google doesn't give them special preference. Thoughts? Opinions? Proof? Thanks everyone!
Technical SEO | | McFaddenGavender0 -
SSL for subdomain is good or bad?
Hello, We have SSL certificate for our domain only for *.website.com, And now, we have few subdomains, as you know, we have two choices: 1. Using HTTPS for subdomain https://me.website.com, while it has problem with https://www.me.website.com (SSL error) 2. Using HTTP for subdomain, which has www and non-www with redirects. Which one is good for us?
Technical SEO | | Anetwork0 -
SSL Certificate Install Conerns
Hi guys I've recently had an EV security certificate installed on the site and have seen a drop in search visibility ever since. It was installed on Nov 27th. Though I was expecting some tracking hiccups as a result of the install and that this is a particularly competitive time of year (I know that others are bidding more aggressively on our brand terms which constitute the vast majority of our traffic) I have been quite concerned by the following: Under Acquisition > SEO > Landing Pages this has dropped to 0. In GWT, the certificate has been identified as self-signed which we know not to be the case. We've checked with the SSL provider that the certificate has been properly installed and obviously with our developers. We're just at a bit of a loss as to whether there is actually an issue and it's not just due to tracking issues and external factors. Does anyone have any advice as to confirm the existence of a problem with the install? Or how to rectify the GWT error as obviously if Google thinks it's self-signed we're not going to get the ranking benefits we were expecting? Thanks in advance for your time. Kind regards
Technical SEO | | Q-TCM0 -
Multi Domain SSL Certs re HTTPS migration
Hi How important is it that when migrating sites to HTTPS they have their own SSL certificates as opposed to choosing the much cheaper multi domain certificate options such as: https://www.namecheap.com/security/ssl-certificates/comodo/ev-multi-domain.aspx I have been told really should have 1 certificate per domain and people generally unsure about multi domain certsificates ? All Best Dan
Technical SEO | | Dan-Lawrence0 -
Would adding an SSL certificate help my website?
SSL certificates can obviously be a used as a ranking factor by Google, but would a site with no need for an SSL certificate notice a gain by adding one? Is it possible to demonstrate you have an SSL certificate without having some https pages on your site?
Technical SEO | | sthompson0 -
Please advice needed SSL .htaccess
Hi everyone, I recently installed verisign ssl. the idea to have page https://example.com all redirect from non-http to https work properly, but in IE whenever smbdy types https://www.example.com it shows the red screen with invalid certificate. If you click "proceed" - everything goes to normal page and on server redirect www to non-www seem to work fine. Is there way to get rid of the warning? Is it server or certificate issue? Here is the peice of code from htaccess. Please, advice needed! RewriteEngine On RewriteBase /RewriteCond %{HTTPS} !=on RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] Thanks in advance
Technical SEO | | Kotkov0 -
Problem with canonical url and session ids
Hi, i have a problem with the following website: http://goo.gl/EuF4E Google always indexes the site with session-id, although i use canonical url in this page. Indexed sites: http://goo.gl/RQnaD Sometimes it goes right, but sometimes wrong. Is it because we separate our session-id with ";" as separator? In the Google Webmaster Tools, i can´t choose jsessid as a parameter, so i think google does not recognize this. But if we have to change it (f.e. ? as separator) we have to spend many days in programming. Any ideas? thanks for your help!
Technical SEO | | tdberlin0