Another http vs https Question?
-
Is it better to keep the Transaction/ Payment pages on a commercial website as the only secure ones (https) and remainder of website as http?
Or is it better to have all the commercial website as secure (https)?
-
I really appreciate your help. This information will definitly help me to keep my site all throughut as https the same way I wanted it to be from the beginning.
You are the Best.
S.H
-
No problem - you could place canonical tags on all the http:// pages to the https:// -
have a look at this guide from SeoMoz -
http://www.seomoz.org/learn-seo/canonicalization
I think you should also give this recent Q&A a read as it is very informative in regards to what you are looking at -
http://www.seomoz.org/q/duplicate-content-and-http-and-https
Hope this helps
-
Wow, thank you so much for your response. It attracted my attention to new points. Is there a way to keep the site entirely as https and avoid the duplicate content issue?
I am fairly new to SEO.
I am struggling with a solution for this website which is Drupal based as I am finding it not that easy to work with from SEO point.
Again thank you so muh.
S.H
-
Hi,
Thanks for your response. The thing I had the website set as such as Http with Https oertaining to transactions only but had problems in a warning appearing on logging to website indicating that some contents of pages have insecure informtion withan option to logon anyway. This has been turning visitors away.
I however realize that I have a duplicate content issue with website being as https at the moment. I am just trying to reach a solution whereby visitors feel safe purchasing from a new website that offers quite diverse service at better price than the other competitors who are major market players.
Thanks.
S.H
-
From what I understand, login boxes usually wait to be logged in to activate HTTPS. And as for social media accounts, aren't the social media sharing and links sent to the social network? Like Twitter usually goes to API of twitter's site, which is usually HTTPS.
-
Hi,
The thing is that I have the login box on all pages of that website to allow access for purchase of Products that are quite diverse and also toenter to website's social media accounts.
That is what had led me to have it https throughout whole site
Thanks.
S.H
-
From my experience, if you are an eCommerce site, it is usually best to have https with account or checkout pages.
If you are a banking or payment processing site, it is best to have https throughout the site to offer confidence to users.
So...
eCommerce = Only in checkout/payment pages or account info.
Sensitive sites, like banking or financials = throughout the whole site.
-
This is a good question, I would consider going down the route of making your transactional/payment pages https and then anything else http - anywhere your customers have to enter their sensitive data should be https. The one thing to remember with https is that it potentially causes duplicate content from a search engine point of view:
http://www.seomoz.org/q/duplicate-content-and-http-and-https
Have a look at this interesting article in relation to https and why everyone isn't using it:
http://arstechnica.com/business/2011/03/https-is-more-secure-so-why-isnt-the-web-using-it/
Remember more importance has been placed on page load times since Panda so people are looking to shave every ounce of time they can in relation to load times, this also improves user experience.
I hope this has helps give you some more insight into HTTPs and whether it would be best for your site to be all this protocol or just part of it.
-
As long as the pages that users enter any type of private / secure information is SSL (https), than you're fine. Alternatively if you want to have your entire site https, that’s fine also.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Forced Redirects/HTTP<>HTTPS 301 Question
Hi All, Sorry for what's about to be a long-ish question, but tl;dr: Has anyone else had experience with a 301 redirect at the server level between HTTP and HTTPS versions of a site in order to maintain accurate social media share counts? This is new to me and I'm wondering how common it is. I'm having issues with this forced redirect between HTTP/HTTPS as outlined below and am struggling to find any information that will help me to troubleshoot this or better understand the situation. If anyone has any recommendations for things to try or sources to read up on, I'd appreciate it. I'm especially concerned about any issues that this may be causing at the SEO level and the known-unknowns. A magazine I work for recently relaunched after switching platforms from Atavist to Newspack (which is run via WordPress). Since then, we've been having some issues with 301s, but they relate to new stories that are native to our new platform/CMS and have had zero URL changes. We've always used HTTPS. Basically, the preview for any post we make linking to the new site, including these new (non-migrated pages) on Facebook previews as a 301 in the title and with no image. This also overrides the social media metadata we set through Yoast Premium. I ran some of the links through the Facebook debugger and it appears that Facebook is reading these links to our site (using https) as redirects to http that then redirect to https. I was told by our tech support person on Newspack's team that this is intentional, so that Facebook will maintain accurate share counts versus separate share counts for http/https, however this forced redirect seems to be failing if we can't post our links with any metadata. (The only way to reliably fix is by adding a query parameter to each URL which, obviously, still gives us inaccurate share counts.) This is the first time I've encountered this intentional redirect thing and I've asked a few times for more information about how it's set up just for my own edification, but all I can get is that it’s something managed at the server level and is designed to prevent separate share counts for HTTP and HTTPS. Has anyone encountered this method before, and can anyone either explain it to me or point me in the direction of a resource where I can learn more about how it's configured as well as the pros and cons? I'm especially concerned about our SEO with this and how this may impact the way search engines read our site. So far, nothing's come up on scans, but I'd like to stay one step ahead of this. Thanks in advance!
Technical SEO | | ogiovetti0 -
Subdomain Question
Having a difficult time on our site and looking for some advice. Our site pages are indexed perfectly, however, we have a subdomain where we have all of our images and PDF's. We only have the main domain set-up in Search Console with our sitemap. We can't seem to get any of our images indexed by Google that are in the subdomain however all the PDF's are indexed. My thought is to add the subdomain to SC and create a new sitemap that is just for the subdomain. Assuming we are not blocking any folders or files with our robots.txt can anyone think of any other reasons why the images wouldn't get indexed.
Technical SEO | | cbathd
Thanks0 -
Rel=canonical on landing page question
Currently we have two versions of a category page on our site (listed below) Version A: www.example.com/category • lives only in the SERPS but does not live on our site navigation • has links • user experience is not the best Version B: www.example.com/category?view=all • lives in our site navigation • has a rel=canonical to version A • very few links and doesn’t appear in the SERPS • user experience is better than version A Because the user experience of version B is better than version A I want to take out the rel=canonical in version B to version A and instead put a rel=canonical to version B in version A. If I do this will version B show up in the SERPS eventually and replace version A? If so, how long do you think this would take? Will this essentially pass page rank from version A to version B
Technical SEO | | znotes0 -
301 redirect Question
Hi all, I have a client who has a domain lets say www.xyz.de which is redirected 301 to www.zyx.de. Now they're working on a relaunch and they want to use the www.xyz.de as their origibnal doman after that. So, at the end the www.zyx.de - which is indexed by Google - should be redirected to www.xyz.de. It vice versa. So the redirect becomes the original and the original becomes the redirect 😕 Is there anything we have to care off? Or will that run into the hell? Thanx. Seb.
Technical SEO | | TheHecksler0 -
Redirect of https:// to http:// without SSL. Possible or not?!
Good afternoon, smart dudes : ) I am here to ask for your help. I posted this question on google help forum and stackoverflow, but looks like people do not know the correct answer... QUESTION: We used to have a secured site, but recently purchased a separate reservation software that provides SSL (takes clients to a separate secured website) where they can fill out the reservation form. We cancelled our SSL (just think its a waste to pay $100 for securing plain text). Now i have so many links pointing to our secured site and i have no idea how to fix it! How do i redirect https://www.mysite.comto http://www.mysite.com.Also would like to mention that i already have redirect from non www to www domain (not sure if that matters): RewriteEngine onRewriteCond %{HTTP_HOST} ^mysite.com$ [NC]RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L]As i already mentioned....we do not have SSL!!!! None of those 301 redirect codes i found online work (you have to have SSL for the site to be redirected from https to http | currently i get an error - can't establish a secured connection to the server ). Is there anything i can do???? Or do i have to purchase SSL again?
Technical SEO | | JennaD140 -
Meta Description VS Rich Snippets
Hello everyone, I have one question: there is a way to tell Google to take the meta description for the search results instead of the rich snippets? I already read some posts here in moz, but no answer was found. In the post was said that if you have keywords in the meta google may take this information instead, but it's not like this as i have keywords in the meta tags. The fact is that, in this way, the descriptions are not compelling at all, as they were intended to be. If it's not worth for ranking, so why google does not allow at least to have it's own website descriptions in their search results? I undestand that spam issues may be an answer, but in this way it penalizes also not spammy websites that may convert more if with a much more compelling description than the snippets. What do you think? and there is any way to fix this problem? Thanks!
Technical SEO | | socialengaged
Eugenio0 -
Migrating to New site keywords question
We are converting an old static html ecommerce site to a new platform. The old site has excellent ranking for some of the products. In order to maintain our ranking we will implement 301 redirects from old to new pages (as the urls will change to SEF). I am using Googles Keyword tool (in adwords) and entering each page url of the old site (there are hundreds, I'm doing the top 50 in traffic) and generating a set of keywords, then sorting each list by global searches. For each page, Google's Keyword Tool is giving me hundreds of keywords, but in meta tags there should be no more than 15, so I need a method to choose the keywords on the new page. Question: in the new meta tags should we emphasize the most common keywords (as defined by most global searches) or the least common keywords? I would hate to lose the good ranking for the least common (long tail) keywords.
Technical SEO | | ssaltman0 -
Questions about Redirects
Hi, I am trying to make sure that I can determine if a site has a 301 redirect set up to redirect the site from domain.com to www.domain.com and am hoping that you can confirm the following for me, or let me know if I am off track: is http://www.internetofficer.com/seo-tool/redirect-check/ a reliable way to check if a 301 redirect is set up? is Screaming Frog SEO Spider a good tool to use to see if a redirect is in place? if I search for site:www.domain.com and site:domain.com, I should only get results for the site being indexed, not for the site that has the 301 redirect set up, right? For example, if www.domain.com is set up to redirect to domain.com, then I should get no search results for site:www.domain.com and only show indexed pages for domain.com. If I search for site:www.domain.com and site:domain.com and get results for both, then does this mean that the redirect is not set up? if a redirect is set up from www.domain.com to domain.com, should the crawl report should only show one page crawled on www.domain.com? if a crawl report shows same number of pages for www.domain.com as for domain.com, does that mean that redirect is not set up properly? Thanks in advance for your help! Carolina
Technical SEO | | csmm0