HTTP & HTTPS
-
what is best recommended when some of the pages on site goes from HTTP to HTTPS: 301 redirection or 302 redirection?
and why?thank you
I was asked to elaborate so:
on my website I have open account pages. users are asked to fill the details. those page are secured and are HTTPS. the problem is that the whole website turned to HTTPS so they redirected most of the pages from HTTPS to HTTP.
the secured pages are redirected from HTTP to HTTPS.I wanted to check if it's correct and what is the best redirection way (301 or 302)
-
It could be this easy
http://kb.sucuri.net/cloudproxy/Configuration/how-to-enable-SSL
-
The answer is 301 redirect however you would ideally like your chosen and page either non-www.or www.so
Or
To be a 200
Here is an example of an HTTPS:// website and the headers it returns when run through this tool that will give you your answer.
http://www.feedthebot.com/tools/headers/test.php
The site I am referencing is using www. so I put the URL with the www.the tool referenced below the headers it will give me a 200 okay
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jun 2014 15:38:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
If I put the same URL from the same website into this tool but do not include www.
I receive this
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 17 Jun 2014 15:39:53 GMT
Content-Type: text/html
Keep in mind you will get a lot more information but you are really should only care about what it says after HTTP/1.1
Useing
http://www.feedthebot.com/tools/headers/test.php
Like the others though I am concerned as to how you are going to make this change.
What company are you buying the SSL certificate from? What is your hosting company? Many times these things are implemented via the hosting, load balancer, WAF etc.
There are so any ways to implement https://
that in less you elaborate a little bit more on your server architecture for instance if you could tell me for using a CMS in your hosting company that would be a big step in the right direction.
Are you using load balancers?
Are using a WAF
or CDN to carry the SSL Cert?
I strongly suggest you reference this information about redirection
http://moz.com/learn/seo/redirection
This great blog post by Cyrus Shepard
http://moz.com/blog/save-your-website-with-redirects
SSL if you are familiar with Regex I would strongly recommend taking a look at this great information provided by WP engine that can be used on WordPress platforms in addition to other platforms as well.
http://wpengine.com/support/regex/#ssl
If you are using a WAF (I do not recommend CloudFlare regardless I know that you would be using a similar tactic shown here depending on the WAF or cloudproxy)
sincerely,
Thomas
-
In my mind the answer is complicated and depends a lot on your site structure and how your cms or website handles https.
Case in point, if you go to a https page on your site and all of the links pointing out from that page are to https pages, but the pages are redirected to http pages I would consider that bad. The way some sites are written, they just use the same protocol that the current page uses no matter what, so you would have to redirect the links on the page to the non secure pages, I would use a 302 in that instance. At the same time if it is possible I would see if this can be corrected, because it is not proper. The same happens a lot going from non-secure to secure with some platforms as well.
This site has an example of what I mean. http://junglejumparoo.com/product/jungle-jumparoo/ If you add the product to the cart, then hover over the checkout button, it is http, but clicking it redirects you to https. Then on the next page, if you mouse over the menu, you will notice that all of the links are https now. That is handling ssl incorrectly, but in that case I would use a 302 redirect I guess.
Doing the redirect is a quick fix, but as a long game I would try to fix the issue itself and not do a redirect.
-
I think you may need to elaborate a little on your question as to why the page goes from http to https ie for a cart checkout etc?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Https to http
Two versions of the same page are being served at the moment. Certain pages on the site redirect to the https version whilst others don't. I am being flagged for duplicate content because of this. Is this a simple fix? As in just redirect all to the https version and set the preferred version in WMT?
Technical SEO | | TAT1000 -
Changing Ecommerce Site Display style will it impact on seo & performance?
Hello Expert, Do redesign website will affect seo? At initial level drop in visitor, pageviews? Actually I am redesign my ecommerce site but we are not changing 1) url's 2) we are not changing content 3) we are not changing server 4) we are not changing navigation. We are changing display style at homepage, category page, subcategory page, product page, checkout step. So still it will impact on website visitors & pageviews? 2) How google will react on int 3) How visitor will react? Thanks!
Technical SEO | | Johny123450 -
Mass HTTP to HTTPs move
Hi, As as part of an on-site SEO optimisation process, we've identified moving over from http to https - this is also in part to ensure our on-site forms are secure. In our industry our website has a high traffic volume (top 2 in the industry), we are concerned what impact the 301-redirecting from http to https would have on our organic traffic, both in terms of how Google would react to this mass-301 redirect plus the loss of 'search value' of inbound links. Privacy issues aside, would the minor quality-signal improvement be worth the move? Anyone have experience with such a move - was the outcome positive? Many thanks, Jason
Technical SEO | | Clickmetrics0 -
Changing the order of items on page against Google Terms & Conditions?
Good day, I am wondering if anybody here has done something like this before. I have a page in one of my sites that contains a number of different - but related - free resources. The resources can be sorted in different ways once the user is on the page. Now I am starting an outreach campaign, and want to be able to send out custom URLS (which pretty much means they have different query strings after them like '?id=123' ) so that when a person clicks on the link to the page it brings up the stuff they are more likely to be interested in at the top. I expect - hope - that some of these people will put links back to this page as a result of this. Now all the links may be slightly different, but they will come to the same page and the content will look slightly different. I will make sure to have the rel=canonical tag in place. Does anybody know if this would be in violation of Google Terms and Conditions. I can't see how, but I wanted to see what the experts here on Moz think before moving forward. Thanks in advance.
Technical SEO | | rayvensoft0 -
Http vs https: which is better for seo / usability
Hi All, Firstly thank you for taking the time to look. My dilemma is as follows; I have a site on wordpress that I have added an ssl certificate to and the entire domain is secure. The site has a mix of content including a blog area and product pages. My question is what does Google prefer, http or https or does it not matter As i see it my option is to keep the entire site as https and enforce this sitewide so all non secure content redirects to the https version or i could enforce https just in the cart and or product pages, all other content, homepage, blog, about us, contact us etc would be http. From an seo perspective ie google search engine, is their a best way to proceed? Finally, as i currently have http and https both displaying ie duplicate, what would be the way to fix this, i have yoast plugin so can set the canonical there and can also edit my robot.txt. I have come across this resource (http://www.creare.co.uk/http-vs-https-duplicate-content) and am wondering if this guideline is still correct or is there another more current way, if so I would be grateful if you could point me in the right direction. thanks in advance.
Technical SEO | | Renford_Nelson0 -
Redirects & 404 Errors
Hi everyone, I'm probably missing some GLARING error here, but I'm hoping you can help me! We recently built a new website on Wordpress and attempted to use a redirect plugin to take care of some old pages. The issue we are having though, is that when you click an old link you are not automatically redirected and instead are given a 404 error page. Then, when you try to view another page (by clicking a navigation item), every pages shows a 404 error. I implemented a redirect plugin, however it seems to start to work then still throws the 404 page. I believe this has something to do with the htaccess file which has the standard WP rewrite info in there... The way the old site was setup was kind of janky, so wondering if it's on that side or if I'm just going crazy. An old URL example would be http://orchards inn.com/index.php/specials and the new page is http://orchardsinn.com/special-offers. Sometimes the redirect seems to work, and others it actually throws a 404 page, then every other page in the navigation is 404'd as well. Your help is GREATLY appreciated!!
Technical SEO | | marisolmarketing0 -
Http & https canonicalization issues
Howdyho I'm SEOing a daily deals site that mostly runs on https Versions. (only the home page is on http). I'm wondering what to do for canonicalization. IMO it would be easiest to run all pages on https. But the scarce resources I find are not so clear. For instance, this Youmoz blog post claims that https is only for humans, not for bots! That doesn't really apply anymore, right?
Technical SEO | | zeepartner0 -
Https-pages still in the SERP's
Hi all, my problem is the following: our CMS (self-developed) produces https-versions of our "normal" web pages, which means duplicate content. Our it-department put the <noindex,nofollow>on the https pages, that was like 6 weeks ago.</noindex,nofollow> I check the number of indexed pages once a week and still see a lot of these https pages in the Google index. I know that I may hit different data center and that these numbers aren't 100% valid, but still... sometimes the number of indexed https even moves up. Any ideas/suggestions? Wait for a longer time? Or take the time and go to Webmaster Tools to kick them out of the index? Another question: for a nice query, one https page ranks No. 1. If I kick the page out of the index, do you think that the http page replaces the No. 1 position? Or will the ranking be lost? (sends some nice traffic :-))... thanx in advance 😉
Technical SEO | | accessKellyOCG0