Moving to TLS and disavow file
-
I'm considering the move to TLS/SSL obviously will be setting up the version in Search Console, do I need to re-upload the disavowal file previously generated before the move?
Look forward to your response.
-
I appreciate your comprehensive article, However, may I kindly point out my question was to do with Disavow in Google Search Console, Not the implementation of secure.
-
1. Get and Install Certificates
Buy a 2048-bit TLS/SSL SHA-2 secure certificate from a Certificate Authority (CA)
Generate some documents so that the CA can issue a signed certificate
Send the CA what they need (your public key and certificate signing request)
Install certificates on your servers
2. Enable HTTPS on Your Servers
Configure your server for HTTPS. Check out these configuration tips for popular servers.
Test properly functioning using an external testing tool. Here’s a good one.
Set a reminder to update your secure certificate before it expires.
3. Code & Configuration Changes
Update site content to request https resources
Update internal links to point to https pages or consider making internal links relative
Use protocol relative URIs. Example: (see note below)
Add self-referencing rel canonical tag to every page, pointing to your HTTPS URIs
Change all Ad calls to work with HTTPS
Update any internal tools, such as Optimizely or CrazyEgg, to work with HTTPS
Update legacy redirects to eliminate chained redirects (see note below)
Update OpenGraph, Schema, Semantic markup etc. to point to HTTPS
Update social sharing buttons to preserve share counts
4. Robots.txt, XML Sitemaps, Search Console and Analytics
Create and verify a new property for the HTTPS site in Google Search Console
Create a new XML sitemap file that points to your HTTPS URLs and upload it to the new property in Search Console
Create a new robots.txt file for the HTTPS site and copy over all existing rules. Include a Sitemap link to the new HTTPS XML sitemap.
Remove all rules from the HTTP robots.txt file, except for the Sitemap link, and leave it in place. This is to encourage bots to crawl and follow all redirects.
Copy any existing disavow file and upload it to the new HTTPS property in Search Console
Note: Don’t use the “Change of Address” feature in Google Search Console. That’s used for migrations to new domains.
5. Redirect HTTP to HTTPs
Deploy the redirect code
Redirect HTTP to HTTPS on IIS (7.x and higher)
Redirect HTTP to HTTPS on Apache
Redirect HTTP to HTTPS on Nginx
Include exceptions to any global redirect directives for your existing robots.txt and XML sitemap files
6. Follow-Up (after the release)
Use a tools, like SSL Check, to scan your site for non-secure content
Check HTTPS redirects and legacy redirects to ensure they work correctly. Check for long redirect chains using a tools that captures the header responses (I like Redirect Path by Ayima). Check for proper redirect functionality from both www and non-www, with and without trailing slashes, etc.
Use “Fetch as Google” tool and submit your Home page and other key pages to speed up the indexing process. I use the “Crawl this URL and its direct links” option.
Monitor the Index Status report in Search Console. The HTTP property should eventually go to zero, and the HTTPS should increase. Take this a step further by calculating the indexation rates of each XML sitemap and monitor them over time.
Monitor the Crawl Errors report in Search Console and address errors, as appropriate
When most new (HTTPS) URLs are already indexed, remove the legacy sitemap link from Robots.txt
Update incoming links that are within your control to point to HTTPS (eg. links to your site from social media profiles)
7. Turn on Strict Transport Security (HSTS)
Once you’re absolutely sure the entire site is working with HTTPS, use HSTS to improve performance by ensuring the browser “remembers” to send all requests to your site to https based on a policy you set. Keep in mind that this means your site will only use HTTPS, so make sure it works! (source).
here is another an good written guide for you.
-
Hey there,
You absolutely do need to. One of the biggest mistakes people make is not migrating their disavow file when they switch domains/encryptions.
Sean
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Move a Wordpress Site to HTTPS with Bluehost
HI Guys, do you think that the following guide is enoght to move a bluehost wordpress site to https in a seo best practive way? https://www.shoutmeloud.com/free-ssl-certificate-bluehost-hosting.html Basically their steps are: Install SSL on Bluehost panel Install Really Simple SSL Wp Plugin Edit Your .htacess File & Add The Code For HTTP To HTTPS Redirection Update All HTTP URLs In Database To HTTPS Using Search and Replace Plugin Use Broken Link Checker plugin & use its redirection module to find links to 3rd party sites with HTTP that should now be HTTPS. Last thing to do Submit your new HTTPS site to Google Search Console & submit your sitemap. Update your profile link on Google Analytics. Update your website links on social media profiles & anywhere else they exist. This step you can do in pieces in the coming days. Read this guide to learn more about HTTP to HTTPS migration & fixing mixed content. If you disabled Who.Is guard for your domain name, you can enable it now. Do you know a better practical guide for wordrpess? in term of usefull plugins to handle the migration? Tx to everyone!
Technical SEO | | Dreamrealemedia0 -
Negative SEO attack, just keep disavowing?
Hello, Around 2 months ago someone started a negative SEO campaign against us. Each week in Majestic around 50-60 domains appear (all .biz or .eu) which link to our site in hidden code via the exact match keyword. Now luckly nothing has happened to our rankings, as i have been disavowing all those links as soon as they appear in Majestic. (google only shows a few of them, and Google webmaster forum told me that google only shows a "sample of links" and that we should disavow as soon as we see) So only thing for me is to monitor majestic each week and keep on disavowing. I think there are almost 250 domains to this date i have disavowed. Or should i still only disavow those that google shows? (I think not, as those are "sample links")
Technical SEO | | advertisingtech0 -
Can you keep you old HTTP xml sitemape when moving to HTTPS site wide?
Hi Mozers, I want to keep the HTTP xml sitemape live on my http site to keep track of indexation during the HTTPS migration. I'm not sure if this is doable since once our tech. team forces the redirects every http page will become https. Any ideas? Thanks
Technical SEO | | znotes0 -
Mass HTTP to HTTPs move
Hi, As as part of an on-site SEO optimisation process, we've identified moving over from http to https - this is also in part to ensure our on-site forms are secure. In our industry our website has a high traffic volume (top 2 in the industry), we are concerned what impact the 301-redirecting from http to https would have on our organic traffic, both in terms of how Google would react to this mass-301 redirect plus the loss of 'search value' of inbound links. Privacy issues aside, would the minor quality-signal improvement be worth the move? Anyone have experience with such a move - was the outcome positive? Many thanks, Jason
Technical SEO | | Clickmetrics0 -
When doing internal linking back to your home/index file what is the best coding course of action?
When doing internal linking back to your home/index page is it best to set the code as linked to "www.thedomain.com" or "www.thedomain.com/" or just "/" - I'm attempting some canonicalization and our programmer is concerned about linking to just the URL as he's saying it's going to be viewed as an external source. We have www redirects in place that come back to just www.thedomain.com and a redirect to send the www.thedomain.com/index.php back to just www.thedomain.com . Any help would be appreciated, thank you!
Technical SEO | | CharlesDaniels0 -
Directory Naming & File Organization
We're redoing an entire site and are going to reorganize, and link to the site's pages by directory instead of page name. So instead of:xyz.com/services/fixingtvs.phpit will be:xyz.com/fixingtvsAt first I was thinking 1 index.php page per directory but that will make content management really confusing with a bunch of files with the same name.Anyone have a better idea?Thanks,Matt
Technical SEO | | mattloht0 -
What's the best way to deal with an entire existing site moving from http to https?
I have a client that just switched their entire site from the standard unsecure (http) to secure (https) because of over-zealous compliance issues for protecting personal information in the health care realm. They currently have the server setup to 302 redirect from the http version of a URL to the https version. My first inclination was to have them simply update that to a 301 and be done with it, but I'd prefer not to have to 301 every URL on the site. I know that putting a rel="canonical" tag on every page that refers to the http version of the URL is a best practice (http://www.google.com/support/webmasters/bin/answer.py?hl=en&answer=139394), but should I leave the 302 redirects or update them to 301's. Something seems off to me about the search engines visiting an http page, getting 301 redirected to an https page and then being told by the canonical tag that it's actually the URL they were just 301 redirected from.
Technical SEO | | JasonCooper0 -
When moving my ecommerce website from one host to another should I also 301 all my image urls?
I'm going to be 301'ing a lot of pages, but should i also 301 my image URLS? Any other helpful hints would be awesome too, as this will be my first move online ever. We've been with our host 3 years. Thanks! Paul Serra STbands.com, Owner
Technical SEO | | Hyrule0