Moving to https
-
Hi all and thanks for taking the time to read my question.
We are going to migrate a very small website from http to https, its a roughly 9 page site with 5 of those being product pages.
I figured I would have to set a canonical and permanent 301 redirects for each page.
But our tech guys suggested just doing a binding to https so any traffic hitting our site with a http url would automatically get redirected to the https version.
So if someone land on http://mydomain, it would automatically return https://mydomain
Does this sound correct or would we need to do additional tasks even if we go down the binding route?thanks again for looking.
-
Here's the step-by-step right and easy way:
-
1. Sign-up for Google Webmaster Tools and create individual sites for 4 variants of your website:
-
http non-www
-
http www
-
https non-www
-
https www
-
2. Set the preferred domain among the above four.
-
3. Add an canonical URL for all pages for either https://www. or https://.., whichever you choose.
-
4. Add 301 redirect from http:// to https:// via htaccess using mod_rewrite.
-
5. Use Google Webmaster Tools "Fetch as Google", under "Crawl" in your http:// sites to confirm that http://.. gets redirected and optionally submit those redirects to be indexed by Google (just to make sure).
-
6. Build and submit a sitemap for your preferred domain site (one of the https://..) via Google Webmaster Tools.
-
7. Optionally, connect your Google Analytics property with your preferred domain site in Google Webmaster Tools.
-
-
This sounds odd to me - in my experience, if you want to load one page by a server sends you another, that's a redirect. It doesn't matter how the technology works on the server side as long as the initial URL returns a 301 before the server returns a different page.
It's possible that you and your tech guys aren't really talking about different things, you're just coming at it from different angles. Could you ask them to implement the solution they're suggesting, then use http://httpstatus.io/ to test an http:// URL to see what server code it returns? That might be a good way to communicate what you're looking for. The important thing here is to stress that your tech guys can code the server however they want, as long as it has the right output (301 redirects).
And, of course, use canonicals.
-
I would suggest migrating the whole site, and 301 redirecting all the http pages to the https versions. Without a proper redirect you risk the possibility of losing any link juice that would be directed at that page. A canonical should technically cover that, but the hard 301 leaves no room for robot interpretation.
Also, why leave the http version when you have a secure version available?
-
We have been considering switching to https as well, what are the pros and cons of doing this that you have heard on your end?
Make sure you have proper redirects as well.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Moving content to a new domain
I need to move a lot of content with podcasts and show notes to a new domain. Instead of doing redirects, we want to keep some content on the current domain to retain the link value. There are business reason to keep content on both websites but the new website will primarily be used for SEO moving forward.If we keep the audio portion of the podcast on the old website and move the show notes and the audio portion of the podcast to the new website, is there any issues with duplicate content?Long-term, I presume Google will re-index the old and the new pages, thus no duplicate content, but I want to make sure I'm not missing anything. I was planning to fetch pages in Search Console as we migrate content.Thanks for your help!
Technical SEO | | JimmyFritz0 -
HTTPS Migration & Preserving Link Equity
Hey All — I’m working with a site that is migrating to HTTPS and had a couple questions. I read Moz’s ‘SEO Tips & Tricks for HTTPS’ post but want some clarification on a couple items. Aside from using https canonicals... 1. What is the best way to preserve link equity from inbound links? Site wide 301 Redirect in .htacess? 2. What is the best way to redirect internal links from http to https? The site uses absolute internal links. THX!
Technical SEO | | JJLWeber0 -
How can I get Google to forget an https version of one page on my site?
Google mysteriously decided to index the broken, https version of one page on my company's site (we have a cert for the site, but this page is not designed to be served over https and the CSS doesn't load). The page already has many incoming links to the http version, and it has a canonical URL with http. I resubmitted it on http with webmaster tools. Is there anything else I could do?
Technical SEO | | BostonWright0 -
Google showing https:// page in search results but directing to http:// page
We're a bit confused as to why Google shows a secure page https:// URL in the results for some of our pages. This includes our homepage. But when you click through it isn't taking you to the https:// page, just the normal unsecured page. This isn't happening for all of our results, most of our deeper content results are not showing as https://. I thought this might have something to do with Google conducting searches behind secure pages now, but this problem doesn't seem to affect other sites and our competitors. Any ideas as to why this is happening and how we get around it?
Technical SEO | | amiraicaew0 -
Non Moving #1 Website
Hi Guys, Bit of an odd one we have recently undertaken our SEO in house (6-7 Months) and since doing this have had some great results, we have identified our competitors utilising Ahrefs, Moz and other tools that we have selected. However we have come up against something that we really cannot work out. One of our competitors ranks for everything related to there term on their website and industry at position #1 They are not actively doing SEO, Poor backlink structure from the research that we have carried out No fresh content being generate I was wondering if someone would perhaps mind spending 5 mins having a quick look to see what you think as i can't think what we might have missed. Tim.
Technical SEO | | fordy0 -
Https Duplicate Content
My previous host was using shared SSL, and my site was also working with https which I didn’t notice previously. Now I am moved to a new server, where I don’t have any SSL and my websites are not working with https version. Problem is that I have found Google have indexed one of my blog http://www.codefear.com with https version too. My blog traffic is continuously dropping I think due to these duplicate content. Now there are two results one with http version and another with https version. I searched over the internet and found 3 possible solutions. 1 No-Index https version
Technical SEO | | RaviAhuja
2 Use rel=canonical
3 Redirect https versions with 301 redirection Now I don’t know which solution is best for me as now https version is not working. One more thing I don’t know how to implement any of the solution. My blog is running on WordPress. Please help me to overcome from this problem, and after solving this duplicate issue, do I need Reconsideration request to Google. Thank you0 -
Move established site from .co.uk to .org - good or bad idea?
I am currently considering moving our site from the current .co.uk domain to the .org version which we also own. The site is established and indexed for 7 years, ranks well and has circa 10k traffic per month which is mainly UK & US traffic. The reason for the change to the .org domain is to make the site more global facing and give us the opportunity to develop the site into multi language within directories (.org/es/ etc.) and then target those to the local search engines. For the kind of site it is (community based) it wouldn’t really work to split this into lots of separate country targeted domains. So the choice is to either stick with the .co.uk and add the other foreign language specific content in directories within the .co.uk or move to the .org and do the same (there is also a potential third option of purchasing the .com which is currently unused but that could be pricey!) We are also planning a big overhaul of the site with redesign, lots of added content and reorganisation of the site – but are thinking that it would be better to move the domain on a 1:1 basis first with the current design, content and URL structure in place and then do the other changes 2 or 3 months down the line. I have read up on SEOmoz, google guidelines etc on moving a site to a new domain and understand the theoretical approach of moving the site and the steps to take (1to1 301 redirects, sitemaps on old and new etc) and I will retain ownership of the .co.uk so the redirects can remain in place indefinitely. However having worked so hard to get the site to where it is in the search engines and traffic levels I am very worried about whether the domain change is a good move. I am more than happy to accept a temporary fluctuation in rankings & traffic for 1 – 4 weeks as reported may happen as long as I can be sure it will return after a temporary period and be as strong (or almost as strong) as the previous rankings / traffic. Looking for peoples experiences to give me the confidence / reassurance to go ahead with this or any info on why I shouldn’t Thanks in advance for your advice. Adrian.
Technical SEO | | Zilla0 -
How do you disallow HTTPS?
I currently have a site (startuploans.org) that runs everything as http, recently we decided to start an online application to process loan apps. Now, for one certain section we configured ssl to work (https://www.startuploans.org/secure/). If I go to the HTTPS url for any of my other pages they show up...I was going to just 301 everything from https but because it is in a subdirectiory I can't... Also, canonical URL's won't work either because it's a totally different system and the pages are generated in an odd manor. It's really just 1 page that needs to be disallowed.. Is there any way to disallow all HTTPS requests from robots.txt while keeping all the HTTP requests working as normal?
Technical SEO | | WebsiteConsultants0