Proper method of consolidating https to http?
-
A client has an application area of the site (a directory) that has a form and needs to be secured with ssl. The vast majority of the site is static, and does not need to be secured. We have experienced situations where a visitor navigates the site as https which then throws security errors. We want to keep static visitors on http; (and crawlers) and only have visits to the secure area display as ssl. How is this best accomplished?
Our developer wants to add a rule to the global configuration file in php that uses a 301 redirect to ensure static pages are accessed as http, and the secure directory is accessed as https. Is the the proper protocol? Are there any SEO considerations we should make?
Thanks.
-
Hi there,
I would agree with your developer in using 301 redirects to ensure all static pages resolve only to the HTTP version while the secure pages resolve only to HTTPS.
As for SEO, the search engines should follow these 301 redirects just fine, but it might also be a good idea to designate canonical URLs to tell the search engines only to index non-HTTPS pages just to be safe. The PHP code below automatically detects which version of the page is being accessed and automatically inserts a canonical tag to tell the search engines to only index the non-HTTPS versions.
$currenturl= $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
//Check if it is using the secure https port which is 443
if ($_SERVER["SERVER_PORT"] == “443″) {//connected to secure port, formulate the http canonical version
$canonicalversion=”http://”.$currenturl;//echo the canonical version to the HTML as link rel canonical tag
echo ‘’;
}
?>
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Http:// vs Https:// in Og:URL
Hi, Recently, we have migrated our website from http:// to https://. Now, every URL is in https:// and we have used 301 permanent redirection for redirecting OLD URL's to New Ones. We have planned to include http:// link in og:url instead of https:// due to some social share issues we are facing. My concern is, if Google finds the self http:// URL on every page of my blog, will Google gets confused with http and https:// as we are providing the old URL to Google for crawling. Please advice. Thanks
Technical SEO | | SameerBhatia0 -
Http -> https redirections / 301 the right way
Dear mozers, Thank you for your time reading the message and wanting to help! So, we have moved our WordPress to https and redirected all the content successfully via htaccess file. We used a simple 301 redirect plugin, which we are using to redirect old URLs to the new ones. The problem today is, the redirections in the plugin are not working for http version. Here is an example: htaccess redirect: http --> https Plugin redirect domain.com/old --> domain.com/new but, the url http://domain.com/old is not redirecting to https://domain.com/new while https://domain.com/old does redirects to https://domain.com/new What can you suggest as a solution? Thank you in advance! P.S. I don't think having 2 redirects for each version of the URL is the smartest solution Best wishes, Dusan
Technical SEO | | Chemometec0 -
How bad is it to have duplicate content across http:// and https:// versions of the site?
A lot of pages on our website are currently indexed on both their http:// and https:// URLs. I realise that this is a duplicate content problem, but how major an issue is this in practice? Also, am I right in saying that the best solution would be to use rel canonical tags to highlight the https pages as the canonical versions?
Technical SEO | | RG_SEO0 -
Should we dump the https from a client site?
We inherited a site that has both http and https. No e-commerce or data transfer...just html. Should we dump the https certificate? I think it might be causing issues with indexing and possible duplicate content. The https site has a certificate warning message...not good. The URL is www.charlottemechanical.com
Technical SEO | | theideapeople0 -
What is the best way to deal with https?
Currently, the site I am working on is using HTTPS throughout the website. The non-HTTPS pages are redirected through a 301 redirect to the HTTPS- this happens for all pages. Is this the best strategy going forward? if not, what changes would you suggest?
Technical SEO | | adarsh880 -
WordPress - How to stop both http:// and https:// pages being indexed?
Just published a static page 2 days ago on WordPress site but noticed that Google has indexed both http:// and https:// url's. Usually I only get http:// indexed though. Could anyone please explain why this may have happened and how I can fix? Thanks!
Technical SEO | | Clicksjim1 -
Does http://my.dudamobile.com/ Effect SEO
Hi, Hope everyone is enjoying the new year! I was wondering if converting your desk top website to a mobile one, example via http://my.dudamobile.com/, has any negative effects on SEO. Did it effect your site? Do you recommend doing it? Does it effect links? When people link to your desk top URL does that authority carry to the mobile, or would it be better if they link to the mobile (m.website.com) URL? Is http://my.dudamobile.com/ a good choice? Any feedback, as always, is greatly appreciated! Thanks Jimmy
Technical SEO | | jimmy02250 -
.htaccess problem using POST method
Hi guys I'm after some help with trying to achieve the following: 1. Canonicalise to http://www. 2. Remove the index.php from root and subfolders. I have the .htaccess code below, which seemed to work fine, but the urls use the POST method and this isn't working with the rewrites. Can anyone please advise as to what I am doing wrong? As you can probably guess .htaccess isn't my strongest SEO discipline! The code I have is: http:// to http://www. RewriteEngine on
Technical SEO | | TrevorJones
RewriteCond %{HTTP_HOST} ^mydomainexample.com
RewriteRule (.*) http://www.mydomainexample.com/$1 [R=301,L] /index.php to / Options +FollowSymLinks
DirectoryIndex index.php RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index.php\ HTTP/
RewriteRule ^index.php$ http://www.mydomainexample.com/ [R=301,L] Subdirectory /index.php to / RewriteCond %{THE_REQUEST} ^[A-Z]+\ /([^/]+/)index.(php|html|htm?)[#?]?
RewriteRule ^(([^/]+/))index.(php|html|htm?)$ http://www.mydomainexample.com/$1 [R=301,L] Just to add to this I have found this which I think is what I need to restrict it to GET: RewriteCond %{THE_REQUEST} ^GET.*index\.php [NC]RewriteRule (.*?)index\.php/*(.*) /$1$2 [R=301,L] Thank you in advance for any suggestions as to how I may put this code together.. Trevor0