Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Adding https version of website: how best to redirect
-
If I have 4 versions of my site
http://www
http://
https://www
https://What is the best way to redirect without losing seo positions? i have been mainly using http://www but have recently added my ssl so https works also. I heard at Moz Con that I should get the https working.
All of my marketing and ads are going to http://www
301 redirect 3 of them? Which 3? If https is becoming important, should that be my main url? will it hurt my seo to switch?
Thank you so much in advance!
-
I see you added the certificate but you didn’t force https
flow the guide and make sure it all 4 URLs point to the (redirects) to https://www
you can do it in no time with cloudflare then check it with
https://varvy.com/tools/redirects/
hope that helps,
tom
-
I have not already 301'd the site to https. But either url works since I turned on the ssl at my host.
I will check into the Cloudflare.
-
Did you allready 301 the site to https?
if so I would updat the URLs & then follow the instructions
if https is in google index I would fix it with a search & replace or CloudFlare (the 1 thing on the list is this url https://raventools.com/blog/free-ssl-http2/ use it if it’s something you want to have do the work
-
So you recommend just going forward with the https switch even though I have not done all the things on the checklist?
-
If it’s hand coded use a text editor & search for http replac with https if using Dreamweaver it has a full site wide search and replace.
-
Definitely don’t panic and you’re not in trouble. What I would do for his run a search and replace on the URL‘s if you’re running a non CMS site find a search & replace CLI or script that works with the code you’re site was made with if you’re hosting company is managing the site ask them for help
run the search & replace to fix the URL‘s
one way is to just add CloudFlare.com for free and use the felxable cert
if your on a CMS like wordpress you can use a plugin like better search & replace
-
I may have made a mess for myself. I turned on the ssl a couple of weeks ago (2-3) but didn't do the other things first. Should i remove the ssl from my site until I go through the checklist? I am starting to panic, hoping i have not gotten myself into big trouble.
My internal links, ads, canonical urls all still use http.
-
Thank you
-
See
Aleyda Solis The HTTP to HTTPs Migration Checklist in Google Docs to Share, Copy & Download & the SEMrush guide
- https://www.aleydasolis.com/en/search-engine-optimization/http-https-migration-checklist-google-docs/
- https://docs.google.com/spreadsheets/d/1XB26X_wFoBBlQEqecj7HB79hQ7DTLIPo97SS5irwsK8/edit#gid=1975121463
- https://www.semrush.com/blog/http-to-https-a-complete-guide-to-securing-your-website-semrushchat/
Hope this helps,
Tom
-
Honestly, the way you set up a 301 is much more dependent on the server like Apache and Nginx then it is on a CMS
if you are looking for one I would recommend using WordPress or Drupal for a CMS If you're thinking of switching WordPress is much more user-friendly slightly quicker and many many more developers are available to help with it.
Tom
-
Also James telling somebody to add HSTS with preload is extremely dangerous unless they know without a doubt that their redirects are set up properly it will keep them in the browser improperly for up to six months your advice is to simply add H STS with preload and it was abundantly clear that this person knew that the four URLs were what was to choose from. I included the completed 2 to 5-page references for a complete package.
"After a period of time - and rankings seem ok . - you can implement oscp stapling and some server wide HSTS. and submit to teh preload directory. "
For the record do not employ HSTS with preload until you have determined that all your subdomains if you have any, are going to have HSTS in addition that all your redirects are completely perfect and the way you want them. I would check using a tool called screaming frog Seo spider or my personal favorite deepcrawl.com
**Your rankings could be just fine and it would not necessarily show that you have a redirect chain permanently embedded for six months in your set up in less you check it first. **
"OCSP stapling is an alternative approach to the original Online Certificate Status Protocol (OCSP) for determining whether an SSL certificate is valid or not. It does this by allowing the web server to query the OCSP responder (a certificate authority’s server dat listens for OCSP requests) and then caches the response__. This allows the web server to check the validity of its certificates and eliminates the need for the client to contact the certificate authority"
OCSP can and should be implemented at the time of employing the SSL certificate
Tom
-
James,
I don't want to be rude saying this but it sounds like you're telling me the basics of search engine optimization redirects and telling me I did not include it in my response?
I appreciate you pointing out how you read my comment and definitely appreciate your feedback. But if it came across as me telling them to create infinite redirects I am asking you to please read it again. don't you believe I read the whole post because I'm not talking about the proper protocol?
HTTPS is known as TLS / SSL or Hyper Text Transfer Protocol Secure (HTTPS)
A lot of the terminology you're using is not relevant to the question because once again I provided with them with the code to actually implement this check it for problems and fix what was broken I don't know exactly why you chose to tell me I did it incorrectly but if you would like to outline exactly how I did this incorrectly I would be more than happy to read it as I always open to constructive conservativism
"http://www
http_://_
https://www
https://What is the best way to redirect without losing SEO positions?"
**My answer was a use www. with HTTPS **
**You need to redirect you're an entire site to whatever canonical your considering use the www. it might be smart to just add the HTTPS://www. and continue with the www. **
Set you're preferred domain (www or non-www) as I do not have their URL I cannot look at rather or not they have a 301 redirects chained as you seem to be implying? But don't worry I took care of it at the end I said please check all this with this tool https://varvy.com/tools/redirects/ that would show any redirects that were forming a redirect chain.
James, I apologize if it was hard for you to follow I thoroughly believe that I gave them everything that they needed to complete the project and I am always here to answer questions.
If you are asked by anybody that present you with four URLs which one they should go with and how they should go about redirecting it I would hope it you would not write what you had written to me.
I am also the only one who gave third-party references and tools to accomplish this task.
I wish you the very best,
Tom
-
It does not matter if you have a CMS or not
You need to redirect your entire site to whatever canonical you want considering use the www. it might be smart to just add the HTTPS and continue with the www. or
Set you're preferred domain (www or non-www)
USE:
https://www.aleydasolis.com/htaccess-redirects-generator/ to make the code needed or use the code below to force HTTPS
HTTP to HTTPS
If your web server is running Apache, you can easily redirect all of your HTTP traffic to HTTPS by adding the following code to your
.htaccessis the recommended method for redirecting a site running on Apache.<code class=" language-php">RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]</code><ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]</ifmodule>If your web server is running Nginx, you can easily redirect all of you're HTTP traffic to HTTPS by adding the following code to you're Nginx config file. This is the recommended method for redirecting servers running on Nginx
<code class=" language-php">server { listen 80; server_name domain.com www.domain.com; return 301 https://domain.com$request_uri; }</code>Set you're preferred domain (www or non-www)
https://support.google.com/webmasters/answer/44231
No-WWW
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.example.com$
RewriteRule (.*) https://example.com/$1 [R=301,L]</ifmodule>WWW
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule (.*) https://www.example.com/$1 [R=301,L]</ifmodule>one of the best guides on how to add HTTPS
https://www.keycdn.com/blog/http-to-https/
https://kinsta.com/knowledgebase/redirect-http-to-https/
https://www.sslshopper.com/apache-redirect-http-to-https.html
The following will differ from platform to platform. In this example, we will show you how to update your URL. We recommend using a free tool from Interconnect IT called “Database search and replace script in php.” You could run update queries yourself, but there are a lot of tables and metadata fields you will probably miss unless you have an exact list.
We recommend doing dis on a dev server and moving it back, or at least backing up you're database first to be safe as this script does grab your local database credentials. Simply drop their program into the root of your site via FTP. Then browse to it in your browser. (We named our folder “search-replace-db”)
You can tan insert what you want to replace. Make sure you enter all of the formats you have mixed and matched over the years such as:
-
http://mydomain.comtohttps://mydomain.com -
http://www.mydomain.comtohttps://www.mydomain.com
Check it with
Redirect mapper | A tool that checks redirects from different versions of ...
<cite class="_Rm">https://varvy.com/tools/redirects/</cite>
Hope this helps,
Tom
-
-
Thanks James. I don't have a CMS. My pages are all hand coded html pages. (would dearly love to switch to a cms in the future since i have over 100 pages). Does your advice change in anyway?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Redirect to http to https - Pros and Cons
Hi, I know its best practice to redirect a website from http to https, instead of having many entry point to your website. When a website has been running for a long time on http and https, what are the SEO Pros and Cons of implementing a redirect from Http to Https?
Technical SEO | | FreddyKgapza1 -
Proper 301 redirect code for http to https
I see lots of suggestions on the web for forwarding http to https. I've got several existing sites that want to take advantage of the SSL boost for SEO (however slight) and I don't want to lose SEO placements in the process. I can force all pages to be viewed through the SSL - that's no problem. But for SEO reasons, do I need to do a 301 redirect line of code for every page in the site to the new "https" version? Or is there a way to catch all with one line of code that Google, etc. will recognize & honor?
Technical SEO | | wcksmith10 -
What is the best way to redirect visitors to certain pages of your site based on their location?
One website I manage wants to redirect users to state specific pages based on their location. What is the best way to accomplish this? For example a user enters the through site.com but they are in Colorado so we want to direct them to site.com/colorado.
Technical SEO | | Firestarter-SEO0 -
Https redirect when certificate expired
Hi, How do we 301 an https version of a domain to a page on another website when the security certificate has run out? We have 301 redirected the http version but IT stuck on how to do the expired https. Thanks
Technical SEO | | Houses0 -
Fixing a website redirect situation that resulted in drop in traffic
Hi, I'm trying to help someone fix the following situation: they had a website, www.domain.com, that was generating a steady amount of traffic for three years. They then redesigned the website a couple of months ago, and the website developer redirected the site to domain.com but did not set up analytics on domain.com. We noticed that there was a drop in traffic to www.domain.com but have no idea if domain.com is generating any traffic since analytics wasn't installed. To fix this situation, I was going to find out from the developer if there was a good reason to redirect the site. What would have prompted the developer to do this if www.domain.com had been used already for three years? Then, unless there was a good reason, I would change the redirect back to what it was before - domain.com redirecting to www.domain.com. Presumably this would allow us to regain the traffic to the site www.domain.com that was lost when the redirect was put in place. Does this sound like a reasonable course of action? Is there anything that I'm missing, or anything else that I should do in this situation? Thanks in advance! Carolina
Technical SEO | | csmm0 -
302 or 301 redirect to https ?
I am redirecting whole site to https. Is there a difference between 302 or 301 redirect for seo? Site never been indexed. Planning to do that with .htaccess command RewriteCond %{HTTPS} !=on
Technical SEO | | Kotkov
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] There are plenty of ways http://www.askapache.com/htaccess/ssl-example-usage-in-htaccess.html Which way would be the best? Thanks is advance0 -
Do search engines treat 307 redirects differently from 302 redirects?
We will need to send our users to an alternate version of our homepage for a few hours for a certain event. The SEO task at hand is to minimize the chance of the special homepage getting crawled and cached in the search engines in place of our normal homepage. (This has happened in the past so the concern is not imaginary.) Among other options, 302 and 307 redirects are being discussed. IE, redirecting www.domain.com to www.domain.com/specialpage. Having used 302s and 301s in the past, I am well aware of how search engines treat them. A 302 effectively says "Hey, Google! Please get rid of the old content on www.domain.com and replace it with the content on /specialpage!" Which is exactly what we don't want. My question is: do the search engines handle 307s any differently? I am hearing that the 307 does NOT result in the content of the second page being cached with the first URL. But I don't see that in the definition below (from w3.org). Then again, why differentiate it from the 302? 307 Temporary Redirect The requested resource resides temporarily under a different URI. Since the redirection MAY be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field. The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s) , since many pre-HTTP/1.1 user agents do not understand the 307 status. Therefore, the note SHOULD contain the information necessary for a user to repeat the original request on the new URI. If the 307 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.
Technical SEO | | CarsProduction0 -
Why is my website banned?
IMy website is Costume Machine at www.costumemachine.com . My site has been banned for 1 year now. I have requested that google reconsider my site 3 times without luck. The site is dynamic and basically pulls in feeds from affiliate sites. We have added over 1,500 pages of original content. The site has been running great since 2008 without any penalties. I don't think I got hit with any linking penalty. I cleaned up all questionable links last November when the penalty hit. Am I being hit with a "thin" site penalty? If that is the issue what is the best way to fix the problem?
Technical SEO | | tadden0