Can I leave off HTTP/HTTPS in a canonical tag?
-
We are working on moving our site to HTTPS and I was asked by my dev team if it is required to declare HTTP or HTTPS in the canonical tag? I know that relative URL's are acceptable but cannot find anything about HTTP/HTTPS.
Example of what they would like to do
Has anyone done this?
Any reason to not leave off the protocol?
-
Very good to hear, thanks Shawn! The goal is to use absolute canonicals, but for a period of time, we may have to use protocol relative. The redirects in place should avoid any duplicate content issues, which seems to be the big landmine.
-
That's good to know. Thanks for the update Shawn.
Since the initial discussion took place several Google reps. have publicly stated that there is no PageRank loss between redirects and rel ="canonical" tags. This seems to substantiate their claim.
The biggest issue with these is when giving conflicting instructions to user agents, such as a redirect to a page that rel canonicals back to the URL from which it was redirected, thus closing an infinite loop. For example, if you redirected from HTTP to HTTPS, but then the HTTPS version had a rel ="canonical" tag that was hard-coded to the HTTP version.
The above issue doesn't apply because you're redirecting from HTTP to HTTPs, which shows a relative path rel canonical tag for the HTTPs domain.
-
Now that our entire site is HTTPS, there does not seem to be any negative impact to our URL's by leaving off the HTTP protocol. If there was any traffic lost, it didn't seem significant as our reports did not indicate a decline. One year later, traffic through SEO is higher than before we implemented.
I personally agree with Everett, don't leave things to chance. I did require that the homepage did have HTTPS for the canonical though. I felt massive panic attacks while we were going through the transition. However, if you are unable to convince your developers the importance of using an absolute path for canonical this did not seem to have a negative impact on our site.
I am glad that we didn't have any noticeable impact, but I am also glad that I didn't turn it into a bigger issue within our leadership team. Since we didn't see anything negative, it could've reduced my credibility within the business which would've had made it difficult for larger SEO problems.
BTW, we are still using relative canonical tags today. (except the homepage, that still has HTTPS)
-
Hey Shawn, did using an unspecified HTTP/HTTPS protocol work for you in the canonical and/or HREF-LANG? We are going through a transition to HTTPS as well, and have multiple systems with some URLs that are hard coded. Hoping this solution would work as a short-term fix, while we update these pages to use a new, more dynamic system.
-
Shawn,
My advice would be to canonical everything to the HTTPS version using an absolute path. That would be the best practice. I understand that is not what you're doing and you aren't getting any errors, but site-wide use of rel canonicals is something that can do more harm than good if a search engine misinterprets what you're trying to accomplish.
Either way, good luck and keep us posted.
-
No worries Shawn. I also hope it doesn't cause issues down the line. Everything in me is screaming "Don't do it!"
Best of luck.
-Andy
-
I know, and that's what sucks. It appears to work, but goes against what seems to be best practice and since I cannot find other instances to state one or the other it's hard not to follow their logic.
I just hope it doesn't screw up everything in the end. Thanks for the discussion.
-
Well, if it works (which I didn't think it would!) then I guess that answers one question - and I ran that page through Screaming Frog just to confirm there are no issues and it does indeed canonical back to the https version of the page.
I just can't get out of the mindset that the format looks wrong. I haven't seen other instances of it done that way, and like you, have no documentation to suggest issues that might be caused.
Sorry I can't be of more help.
-Andy
-
Thanks Andy, I posted a reply to the other response that ties into your comment here. On the page I listed above, there are not errors if I use HTTPS and the canonical doesn't declare anything. We have SSL certs, just haven't made the big switch yet.
-
Thanks for the answers, all of which I've passed on to them.
They have attempted this on a page and have not seen any errors or issues as of yet which is problematic for me in the sense of if I cannot show where any issue results by them taking shortcuts, they will not necessarily listen to my feedback.
Here is the URL that they have left off the protocol in the canonical
http://www.alaskaair.com/content/deals/flights/cheapest-flights-to-hawaii.aspx.
I use the Chrome extension Canonical which doesn't give me the icon indicating that I am not viewing the preferred URL. When I use HTTPS and view source it looks the same as it does with HTTP. Sometimes there are parameters in the URL like ?INT=AS_HomePage_-prodID:SEO and even with HTTP missing from the canonical it still seems to work.
Since I cannot find any documentation against doing it this way I am getting strong resistance to declaring HTTP and then going back at some point when it moves to HTTPS and updating. Like I've stated above, they are using this for links and assets on the site since our site moves back and forth between HTTPS and HTTP depending on what the customer is doing and they have found leaving off the protocol it makes their life easier and limits the errors that Andy below mentions.
https://www.alaskaair.com/content/deals/flights/cheapest-flights-to-hawaii.aspx
-
Hi again
To be clear, I think this would populate http://www.domain.com//www.domain.com as the where the canonical should be attributed to.
Hope this makes a bite more sense. Good luck!
-
Example of what they would like to do
That would be a no-no Shawn. If you are running over SSL, then you need to canonical back to the https version of the page. If you don't, you will end up with errors on the page (yellow warning triangle) and trust issues with Google. What they would like to do is canonical to a malformed URL which it could interpret as a file.
Try going to any URL and just entering it as //www.domain.com
-Andy
-
Hi there
According to Google...
Avoid errors**:** use absolute paths rather than relative paths with the
rel="canonical"link element. However, they then say (under "Prefer HTTPS over HTTP for canonical URLs)...
Google prefers HTTPS pages over equivalent HTTP pages as canonical, except when there are conflicting signals such as the following:
- The HTTPS page has an invalid SSL certificate.
- The HTTPS page contains insecure dependencies.
- The HTTPS page is roboted (and the HTTP page is not).
- The HTTPS page redirects users to or through an HTTP page.
- The HTTPS page has a
rel="canonical"link to the HTTP page. - The HTTPS page contains a
noindexrobots meta tag
Although our systems prefer HTTPS pages over HTTP pages by default, you can ensure this behavior by taking any of the following actions:
- Add 301 or 302 redirects from the HTTP page to the HTTPS page.
- Add a
rel="canonical"link from the HTTP page to the HTTPS page. - Implement HSTS.
To prevent Google from incorrectly making the HTTP page canonical, you should avoid the following practices:
- Bad SSL certificates and HTTPS-to-HTTP redirects cause us to prefer HTTP very strongly. Implementing HSTS cannot override this strong preference.
- Including the HTTP page in your sitemap or hreflang entries rather than the HTTPS version.
- Implementing your SSL/TLS certificafe for the wrong host-variant: for example, example.com serving the certificate for www.example.com. The certificate must match your complete site URL, or be a wildcard certificate that can be used for multiple subdomains on a domain.
Since I don't know how your SSL is configured, I can't tell you one way or another, but if you have a https version of your pages, then head that direction. Having a relative protocol won't seem to work here for what you're asking.
Read the above and let me know if that helps! Good luck!
-
I did read that before I asked, it didn't really answer my question. I understand that relative URL's work, but leaving off the protocol declaration isn't relative it just leaves it up to the server to provide whether the site is secure or not.
Since we use multiple systems across our site, there isn't an easy way to implement relative or absolute canonical tags which is why the dev's want to know if they can implement without HTTP/HTTPS. They like to do this with assets on the site and have started to code links in a similar manner. What I can't determine is if this will cause issues.
-
Hi there
According to Google, they want you to either use relative URLs or use absolute URLs. You can read more here.
I recommend reading this so you can see the types of common mistakes they find and how to resolve those.
Good luck!
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Analytics Spammer Can Haz Humors: Who Else?
Yeah... the traffic is annoying. But seeing this (attached image) in my GA was pretty funny. Obviously it was only a couple hits. I thought it was pretty cute in comparison to the other actions. 1WnZK0p
White Hat / Black Hat SEO | | Travis_Bailey2 -
Old Press Release sites - Which ones do you Disavow and leave alone
Hi Mozers! I need your help. I'm in the final stages of a huge link audit and press releases are a big concern. As you know, press release distribution sites up until 2012 had "follow" links, giving webmasters a delight of having their keyword anchor texts a big boost in rankings. These are the websites that are troubling me today so i would appreciate your input on my strategy below as most of these websites are asking for money to remove them: 1. Press Release sites that are on the same C-class - Disavow 2. Not so authoritative press release websites that just follow my www domain only (no anchor texts) - I leave it alone 3. Not so authoritative press release websites but have anchor texts that are followed - Disavow 4. Post 2012 press release websites that have "followed" anchor text keywords - Request to remove, then disavow 5. Post 2012 press release websites that just follow my www domain only (no anchor texts) - leave it alone #2 and #5 are my biggest concern. Now more than ever I would appreciate your follow ups. I will respond quickly and apply "good answers" to the one's that make the most sense as my appreciation to you. God bless you all.
White Hat / Black Hat SEO | | Shawn1240 -
Can H1 and Meta title be exactly the same ?
I've heard from some SEO's that H1 and Meta Title shouldn't be exactly the same, why ? Both of them describe what is ON the page right ? Why is it Spammy? Is it ?
White Hat / Black Hat SEO | | Tintanus2 -
Embedded links/badges
Hi there Just picking up on something Rand said in his blog analysing his predictions for 2014. Rand predicted that Google will publicly acknowledge algorithmic updates targeting...embeddable infographics/badges as manipulative linking practices While this hasn't exactly materialised yet, it has got me thinking. We have a fair few partners linking to us through an embedded badge. This was done to build the brand, but the positives here wouldn't be worth being penalised in search. Does anyone have any further evidence of websites penalised for doing this, or any views on whether removing those badges should be a priority for us? Many thanks
White Hat / Black Hat SEO | | HireSpace0 -
Forcing Entire site to HTTPS
We have a Wordpress site and hope to force everything to HTTPS. We change the site name (in wordpress settings) to https://mydomain.com In the htaccess code = http://moz.com/blog/htaccess-file-snippets-for-seos Ensure we are using HTTPS version of the site. RewriteCond %{HTTPS} !on RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] but some blogs http://stackoverflow.com/questions/19168489/https-force-redirect-not-working-in-wordpress say RewriteCond %{HTTPS} off RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] Which one is right? 🙂 and are we missing anything?
White Hat / Black Hat SEO | | joony0 -
Blogger Reviews w/ Links - Considered a Paid Link?
As part of my daily routine, I checked out inbound.org and stumbled upon an article about Grey Hat SEO techniques. One of the techniques mentioned was sending product to a blogger for review. My question is whether these types of links are really considered paid links. Why shouldn't an e-commerce company evangelize its product by sending to bloggers whose readership is the demographic the company is trying to target? In pre e-commerce marketing, it was very typical for a start-up company to send samples for review. Additionally, as far as flow of commerce is concerned, it makes sense for a product review to direct the reader to the company, whether by including a contact phone number, a mailing address, or in today's e-commerce world, a link to their website. I understand the gaming potential here (as with most SEO techniques, black-hat is usually an extreme implementation), but backlinks from honest product reviews shouldn't have a tinge of black, thus keeping it white-hat. Am I wrong here? Are these types of links really grey? Any help or insight is much appreciated!
White Hat / Black Hat SEO | | b40040400 -
EMD with 3.3million broad match searches got hit hard by Panda/Penguin
k, so I run an ecommerce website with a kick ass domain name. 1 keyword (plural)
White Hat / Black Hat SEO | | SwissNinja
3.3 million broad match searches (local monthly)
3.2 million phrase match
100k exact match beginning of march I got a warning in GWT about unnatural links. I feel pretty certain its a result of an ex-employee using an ALN listing service to drip spun article links on splogs. This was done also for another site of mine, which received the same warning, except bounced back much sooner (from #3 for EMD w/ 100k broad, 60k phrase and 12k exact, singular keyword phrase) I did file reinclusion on the 2nd (smaller) domain. Received unnatural warning on 4/13 and sent reconsideration on 5/1 (tune of letter is "I have no clue what is up, I paid someone $50 and now Im banned) As of this morning, I am not ranking for any of my terms (had boucned back on main keyword to spot #30 after being pushed down from #4) now back to the interesting site....
this other domain was bouncing between 8-12 for main keyword (EMD) before we used ALN.
Once we got warning, we did nothing. Once rankings started to fall,we filed reinclusion request...rankings fell more, and filed another more robustly written request (got denials within 1 week after each request)until about 20 days ago when we fell off of the face of the earth. 1- should I take this as some sort of sandbox? We are still indexed, and are #1 for a search on our domain name. Also still #1 in bing (big deal) 2- I've done a detailed analysis of every link they provide in GWT. reached out to whatever splog people I could get in touch with asking them to remove articles. I was going to file another request if I didn't reappear after 31 days after I fell off completely. Am I wasting my time? there is no doubt that sabatoge could be committed by competition by blasting them with spam links (previously I believed these would just be ignored by google to prevent sabatoge from becoming part of the job for most SEOs) Laugh at me, gasp in horror with me, or offer some advice... I'm open to chat and would love someone to tell me about a legit solution to this prob if they got one thanks!0 -
Which of these elements are good / bad link building practices?
Hi, I need some help. I recently got some help with an seo project from a contractor. He did 50 directory submissions and 50 article submissions. I got good results, going up about 20 places (still a long way to the first page!) on google.co.uk on a tough key word Since this project I learned article marketing is not cool. So I am wondering about what I should do next. The contractor has proposed a new bigger project consisting of the elements listed below. I don’t know which of these elements are ok and which aren’t. If they are not ok are they: 1) a waste of time or 2) something I could get penalized for? Let me know what you think?? Thanks, Andrew 100 ARTICLE SUBMISSIONS [APPROVED ARTICLES] -> 1 article submitted to 100 article directories 50 PRESS RELEASE SUBMISSIONS [APPROVED & SCREENSHOTS]-> 1 PR writing & submissions to top 50 PR distribution sites each 150 PRIVATE BLOGS SUBMISSION [APPROVED ARTICLES] -> 1 article submitted to 150 private blogs submission 100 WEBSITE DIRECTORY SUBMISSION -> 1 url (home page) submitted to 100 top free web directories 50 SOCIAL BOOKMARKING [CONFIRMED LINKS] -> 1 url of site submitted to top 50 social bookmarking websites 40 PROFILE BACK-LINKS [CONFIRMED LINKS] -> 1-3 url's of site submitted and create 40 profile websites 50 SEARCH ENGINES -> submission to all the major search engines 20 NEWS WEBSITES -> Ping all links from reports to news websites
White Hat / Black Hat SEO | | fleurya0