Another http vs https Question?
-
Is it better to keep the Transaction/ Payment pages on a commercial website as the only secure ones (https) and remainder of website as http?
Or is it better to have all the commercial website as secure (https)?
-
I really appreciate your help. This information will definitly help me to keep my site all throughut as https the same way I wanted it to be from the beginning.
You are the Best.
S.H
-
No problem - you could place canonical tags on all the http:// pages to the https:// -
have a look at this guide from SeoMoz -
http://www.seomoz.org/learn-seo/canonicalization
I think you should also give this recent Q&A a read as it is very informative in regards to what you are looking at -
http://www.seomoz.org/q/duplicate-content-and-http-and-https
Hope this helps
-
Wow, thank you so much for your response. It attracted my attention to new points. Is there a way to keep the site entirely as https and avoid the duplicate content issue?
I am fairly new to SEO.
I am struggling with a solution for this website which is Drupal based as I am finding it not that easy to work with from SEO point.
Again thank you so muh.
S.H
-
Hi,
Thanks for your response. The thing I had the website set as such as Http with Https oertaining to transactions only but had problems in a warning appearing on logging to website indicating that some contents of pages have insecure informtion withan option to logon anyway. This has been turning visitors away.
I however realize that I have a duplicate content issue with website being as https at the moment. I am just trying to reach a solution whereby visitors feel safe purchasing from a new website that offers quite diverse service at better price than the other competitors who are major market players.
Thanks.
S.H
-
From what I understand, login boxes usually wait to be logged in to activate HTTPS. And as for social media accounts, aren't the social media sharing and links sent to the social network? Like Twitter usually goes to API of twitter's site, which is usually HTTPS.
-
Hi,
The thing is that I have the login box on all pages of that website to allow access for purchase of Products that are quite diverse and also toenter to website's social media accounts.
That is what had led me to have it https throughout whole site
Thanks.
S.H
-
From my experience, if you are an eCommerce site, it is usually best to have https with account or checkout pages.
If you are a banking or payment processing site, it is best to have https throughout the site to offer confidence to users.
So...
eCommerce = Only in checkout/payment pages or account info.
Sensitive sites, like banking or financials = throughout the whole site.
-
This is a good question, I would consider going down the route of making your transactional/payment pages https and then anything else http - anywhere your customers have to enter their sensitive data should be https. The one thing to remember with https is that it potentially causes duplicate content from a search engine point of view:
http://www.seomoz.org/q/duplicate-content-and-http-and-https
Have a look at this interesting article in relation to https and why everyone isn't using it:
http://arstechnica.com/business/2011/03/https-is-more-secure-so-why-isnt-the-web-using-it/
Remember more importance has been placed on page load times since Panda so people are looking to shave every ounce of time they can in relation to load times, this also improves user experience.
I hope this has helps give you some more insight into HTTPs and whether it would be best for your site to be all this protocol or just part of it.
-
As long as the pages that users enter any type of private / secure information is SSL (https), than you're fine. Alternatively if you want to have your entire site https, that’s fine also.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Link to AMP VS AMP Google Cache VS Standard page?
Hi guys, During the link building strategy, which version should i prefer as a destination between: to the normal version (php page) to the Amp page of the Website to the Amp page of Google Cache The main doubt is between AMP of the website or standard Version. Does the canonical meta equals the situation or there is a better solution? Thank you so mutch!
Technical SEO | | Dante_Alighieri0 -
Can you keep you old HTTP xml sitemape when moving to HTTPS site wide?
Hi Mozers, I want to keep the HTTP xml sitemape live on my http site to keep track of indexation during the HTTPS migration. I'm not sure if this is doable since once our tech. team forces the redirects every http page will become https. Any ideas? Thanks
Technical SEO | | znotes0 -
vs.
I have a site that is based in the US but each page has several different versions for different regions. These versions live in folders (/en-us for the US English version, /en-gb for the UK English version, /fr-fr for the French version, etc.). Obviously, the French pages are in French. However, there are two versions of the site that are in English with little variation of the content. The pages all have a tag to indicate the language the page is in. However, there are no <hreflang>tags to indicate that the pages are the same page in two different languages.</hreflang> My question is, do I need to go through and add the <hreflang>tags to each page to reference each other and identify to Google that these are duplicate content issues, but different language versions of the same content? Or, will Google figure that our from the tag?</hreflang>
Technical SEO | | InterCall0 -
Easy Question: regarding no index meta tag vs robot.txt
This seems like a dumb question, but I'm not sure what the answer is. I have an ecommerce client who has a couple of subdirectories "gallery" and "blog". Neither directory gets a lot of traffic or really turns into much conversions, so I want to remove the pages so they don't drain my page rank from more important pages. Does this sound like a good idea? I was thinking of either disallowing the folders via robot.txt file or add a "no index" tag or 301redirect or delete them. Can you help me determine which is best. **DEINDEX: **As I understand it, the no index meta tag is going to allow the robots to still crawl the pages, but they won't be indexed. The supposed good news is that it still allows link juice to be passed through. This seems like a bad thing to me because I don't want to waste my link juice passing to these pages. The idea is to keep my page rank from being dilluted on these pages. Kind of similar question, if page rank is finite, does google still treat these pages as part of the site even if it's not indexing them? If I do deindex these pages, I think there are quite a few internal links to these pages. Even those these pages are deindexed, they still exist, so it's not as if the site would return a 404 right? ROBOTS.TXT As I understand it, this will keep the robots from crawling the page, so it won't be indexed and the link juice won't pass. I don't want to waste page rank which links to these pages, so is this a bad option? **301 redirect: **What if I just 301 redirect all these pages back to the homepage? Is this an easy answer? Part of the problem with this solution is that I'm not sure if it's permanent, but even more importantly is that currently 80% of the site is made up of blog and gallery pages and I think it would be strange to have the vast majority of the site 301 redirecting to the home page. What do you think? DELETE PAGES: Maybe I could just delete all the pages. This will keep the pages from taking link juice and will deindex, but I think there's quite a few internal links to these pages. How would you find all the internal links that point to these pages. There's hundreds of them.
Technical SEO | | Santaur0 -
Questions about the Sandbox and 301 Redirects
Does the sandbox still exist? What if you have a brand new URL and do a 301 redirect from another website because the name of the service business changed? Thanks for any insight and help.
Technical SEO | | SDSLaw0 -
Switching to HTTPS
I'm trying to get my server PCI Compliant and they want me to switch the forums at http://www.usacarry.com/forums/ over to https because of the logins. Could this possibly affect my existing rankings?
Technical SEO | | USACarry0 -
Https Version of Homepage in SERPS
The https version of our homepage appears in Google's SERPs. We have rel canonical on the page pointing to the http version. We have a redirect in our htaccess that sends https to http. I thought this was just a fluke and it would be fixed by the next crawl, but it's been like this for a few weeks now. Not only that, but we're losing rank a bit and I'm afraid there's a correlation. Has this ever happened to anyone?
Technical SEO | | UnderRugSwept0 -
Another Penalty Question - Should I Start from Scratch?
I've seen many questions on google penalties recently. Not really sure where to go from here. I realised a year or so we would be living on borrowed time with our link building methods. We have been really successful in the past and are keen to build a site that has a bit more longevity. We have not received a warning from google but have lost pretty much all of our ranking for everything. My question is with our backlink profile as it is. Building links from various blog networks for the past 3 years. Is it just worth rebranding and starting from scratch rather than trying to get over a million links removed? We have a lot of content that I guess could be classed as spam. Should I really remove all of the content? or leave it running as we are still getting some traffic from other marketing activities. Or should I just get a new domain and transfer all the decent content?
Technical SEO | | DaveDawson2