SSL Certificate Install Conerns
-
Hi guys
I've recently had an EV security certificate installed on the site and have seen a drop in search visibility ever since. It was installed on Nov 27th.
Though I was expecting some tracking hiccups as a result of the install and that this is a particularly competitive time of year (I know that others are bidding more aggressively on our brand terms which constitute the vast majority of our traffic) I have been quite concerned by the following:
- Under Acquisition > SEO > Landing Pages this has dropped to 0.
- In GWT, the certificate has been identified as self-signed which we know not to be the case. We've checked with the SSL provider that the certificate has been properly installed and obviously with our developers.
We're just at a bit of a loss as to whether there is actually an issue and it's not just due to tracking issues and external factors.
Does anyone have any advice as to confirm the existence of a problem with the install?
Or how to rectify the GWT error as obviously if Google thinks it's self-signed we're not going to get the ranking benefits we were expecting?
Thanks in advance for your time.
Kind regards
-
How is the rest of your visitors seeking out natural, is it declining for different pages or sub folders as nicely? I've in no way visible Google Analytics no longer attributing the right visit to the right pages so I doubt that could be the case.
-
Sorry for the late response.
What SSL Labs is telling you to do is disable SSLv3. You should be using only the more secure Transport Layer Security(TLS) 1.0 or higher (if you're running credit cards then PCI compliance will force you to use only 1.2 soon). I would also disable RC4 if you can (only affects IE6 users)
-
I've passed this onto our developers so hopefully they can do something with that.
Thanks very much for your time.
-
I got PM. But will post response here.
So there are two situations in SSL (there are much more but it's complicated) - SNI or w/o SNI.
With SNI on one IP you can use many TLS sites. Because in process of handshake browser put hostname and server knows this request for what site inside is. But some browsers doesn't support SNI - Windows XP, IE6, Android 2.2/2.3 and few more. For that you need dedicated IP just they can connect correct on your site.
I think that you have issue with SNI. Because if you trying to open your IP - http://212.48.85.138/ you get warning (about host mismatch) and self-signed certificate (on some machines).
Also you need to tighten your secure connection - stop SSL (it's 15 year old and it's now deprecated), you should support only TLS. Also enable forward secrecy, OCSP stapling and TLS session tickets. It's long but you can see all recommendations here:
https://www.ssllabs.com/ssltest/analyze.html?d=quellabicycle.comI hope that implementing few of them will bring GoogleBot back in site w/o warnings.
-
Hi Highland
Thanks for your response. I've done as you suggested and put our domain through the SSL Labs Tool. Again, nothing is jumping out at me. Except of course the fact we're vulnerable to a POODLE attack for which the suggestion is simply to disable SSL?
-
I had added to the search console the HTTPs versions of the site so we have:
Do I need both HTTP & HTTPs?
& Does it matter which of either www or non-www I select as the "Preferred domain"?
With regards to your second point, I'm fairly confident that our visitors are getting no such warning as there is nothing to suggest to me, other than what is said in the search console, that it is a self-signed certificate. I've checked it on multiple computers/browsers. But as you say, as it does say it in SC then it may be the case!
I've messaged you with the site details. Thanks very much for your help and time!
-
So this is two issues:
- You should verify in SearchConsole new site https:// and link this site with Analytics to get Landing Pages. Please check for correct sitewide 301 redirect from http:// to https:// on ALL your assets. This can be CSS/JS/canonicals/images/local links between pages, etc.
- You should track down this ASAP because of SC show that certificate is self-signed probably same can be seen on your users computers/devices. And this also can lead your visits to 0 if some "warning" was shown. Probably your certificate isn't installed correct on server.
You can PM me with site so i can make quick test.
-
I would highly recommend you run your site through SSL Labs tool. It should help you identify any problems with your SSL install.
Also, make sure that you're loading GA in a secure manner. If it's not loaded securely and someone says not to load insecure assets then it won't show up.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Huge increase in links to your site when moving to SSL
Hi My client has 2 websites that after moving them to SSL the number of links to your site in the search console increased in 10s of thousands. What can be the reasons?
Technical SEO | | digital19740 -
SSL redirect issue
Hi guys, I have a site that has some internal pages with SSL. Recently i noticed that if i put https://mydomain.com, this URL is accessible but all the design is messed up. My site is on wordpress and i use "redirection" plugin for all the 301 redirect. So i decided to add a new 301 redirect from https://mydomain.com to my actual URL version of home page http://mydomain.com. After doing that, my home page doesn't load at all. Does anybody know what happens? Thank you for advice!
Technical SEO | | odmsoft0 -
SSL, www issue. Should we buy WWW license or just add redirect from www to non-www site?
Hi, We've installed SSL certificate (Symantec Safe Site).
Technical SEO | | Ryan_V
Now our site shows with https, but when someone types www before site name it leads to http and shows strikethrough https unsafe icon in the browser. As it appears, our SSL was purchased without www domain name license. Should we buy www license or just add redirect from www to without www site? If so how to set up this redirect properly. Thanks.0 -
Big Increase in 404 Errors after Google Custom Search Engine Install on Website
My URL is: http://www.furniturefashion.comHi forum.I recently installed a Custom Google Search Engine (https://www.google.com/cse/) on my blog about ten days ago. Since then my 404 errors in Webmaster Tools has skyrocketed by several thousand. I had not had an issue before. Once it was installed the 404 errors started appearing. What's interesting is that all the errors have the URL then the word "undefined" at the end. I have attached a screen shot from my Webmaster Tools dashboard. Also, there are a few examples below of what the URLs are that have the 404 errors.wood_closet_organizer_to_improve_space_utilization/undefinedsmall-sweet-10-inspiring-small-kitchen-designs/undefined Has anyone had this issue? I very much want the search engine on my site, but not at the expense of several thousand 404 errors. My site queries has been going down since the installation of the custom search engine. Here is some of the code that I have below that I took off my site doing a "view source". Any help would be greatly appreciated.href='http://cdn.furniturefashion.com/wp-content/plugins/google-custom-search/css/smoothness/jquery-ui-1.7.3.custom.css?ver=3.9.2' type='text/css' media='all' />rel='stylesheet' id='gsc_style_search_bar-css' href='http://www.google.com/cse/style/look/minimalist.css?ver=3.9.2' type='text/css' media='all' />rel='stylesheet' id='gsc_style_search_bar_more-css' href='http://cdn.furniturefashion.com/wp-content/plugins/google-custom-search/css/gsc.css?ver=3.9.2' type='text/css' media='all' />< uXRSEkC
Technical SEO | | will21120 -
Moving my website that is currently fully https (ssl) to http (non ssl).
Hey MOZ Community. I have a site that is currently full https (ssl) and what to move it to http (non-ssl). How will this move effect my SEO and what would be the best method of doing so without causing to much damage?
Technical SEO | | Bonx0 -
Will it make any difference to SEO on an ecommerce site if they use their SSL certificate (https) across every page
I know that e-commerce sites usually have SSL certificates on their payment pages. A site I have come across is using has the https: prefix to every page on their site. I'm just wondering if this will make any difference to the site in the eyes of Search Engines, and whether it could effect the rankings of the site?
Technical SEO | | Sayers1 -
Please advice needed SSL .htaccess
Hi everyone, I recently installed verisign ssl. the idea to have page https://example.com all redirect from non-http to https work properly, but in IE whenever smbdy types https://www.example.com it shows the red screen with invalid certificate. If you click "proceed" - everything goes to normal page and on server redirect www to non-www seem to work fine. Is there way to get rid of the warning? Is it server or certificate issue? Here is the peice of code from htaccess. Please, advice needed! RewriteEngine On RewriteBase /RewriteCond %{HTTPS} !=on RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] Thanks in advance
Technical SEO | | Kotkov0 -
Cant view campaign after windows 7 install
i am giving it a try here since seomoz support couldnt help me. Anyone had similar problems ? Earlier i was using W Vista (norwegian version) - did a clean reinstall of windows 7 (english version). After that i couldnt open anything related to the pro version of seomoz. When i am on the dashboard and try to open my campaign nothing happens and I just time out after a while(internet explorer). Tried with google chrome. Google chrome says after a while that this site has a redirection loop that is causing multiple redirections. Its advicing me to try to delete cookies (didnt help) also set security to minimum(didnt help). I then also realized that my google analytics didnt update last 2 days (after install). I am writing this now on my wifes mac. Seomoz and google analytics work just fine. What is wrong? anyone know ?
Technical SEO | | danlae0