Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Adding https version of website: how best to redirect
-
If I have 4 versions of my site
http://www
http://
https://www
https://What is the best way to redirect without losing seo positions? i have been mainly using http://www but have recently added my ssl so https works also. I heard at Moz Con that I should get the https working.
All of my marketing and ads are going to http://www
301 redirect 3 of them? Which 3? If https is becoming important, should that be my main url? will it hurt my seo to switch?
Thank you so much in advance!
-
I see you added the certificate but you didn’t force https
flow the guide and make sure it all 4 URLs point to the (redirects) to https://www
you can do it in no time with cloudflare then check it with
https://varvy.com/tools/redirects/
hope that helps,
tom
-
I have not already 301'd the site to https. But either url works since I turned on the ssl at my host.
I will check into the Cloudflare.
-
Did you allready 301 the site to https?
if so I would updat the URLs & then follow the instructions
if https is in google index I would fix it with a search & replace or CloudFlare (the 1 thing on the list is this url https://raventools.com/blog/free-ssl-http2/ use it if it’s something you want to have do the work
-
So you recommend just going forward with the https switch even though I have not done all the things on the checklist?
-
If it’s hand coded use a text editor & search for http replac with https if using Dreamweaver it has a full site wide search and replace.
-
Definitely don’t panic and you’re not in trouble. What I would do for his run a search and replace on the URL‘s if you’re running a non CMS site find a search & replace CLI or script that works with the code you’re site was made with if you’re hosting company is managing the site ask them for help
run the search & replace to fix the URL‘s
one way is to just add CloudFlare.com for free and use the felxable cert
if your on a CMS like wordpress you can use a plugin like better search & replace
-
I may have made a mess for myself. I turned on the ssl a couple of weeks ago (2-3) but didn't do the other things first. Should i remove the ssl from my site until I go through the checklist? I am starting to panic, hoping i have not gotten myself into big trouble.
My internal links, ads, canonical urls all still use http.
-
Thank you
-
See
Aleyda Solis The HTTP to HTTPs Migration Checklist in Google Docs to Share, Copy & Download & the SEMrush guide
- https://www.aleydasolis.com/en/search-engine-optimization/http-https-migration-checklist-google-docs/
- https://docs.google.com/spreadsheets/d/1XB26X_wFoBBlQEqecj7HB79hQ7DTLIPo97SS5irwsK8/edit#gid=1975121463
- https://www.semrush.com/blog/http-to-https-a-complete-guide-to-securing-your-website-semrushchat/
Hope this helps,
Tom
-
Honestly, the way you set up a 301 is much more dependent on the server like Apache and Nginx then it is on a CMS
if you are looking for one I would recommend using WordPress or Drupal for a CMS If you're thinking of switching WordPress is much more user-friendly slightly quicker and many many more developers are available to help with it.
Tom
-
Also James telling somebody to add HSTS with preload is extremely dangerous unless they know without a doubt that their redirects are set up properly it will keep them in the browser improperly for up to six months your advice is to simply add H STS with preload and it was abundantly clear that this person knew that the four URLs were what was to choose from. I included the completed 2 to 5-page references for a complete package.
"After a period of time - and rankings seem ok . - you can implement oscp stapling and some server wide HSTS. and submit to teh preload directory. "
For the record do not employ HSTS with preload until you have determined that all your subdomains if you have any, are going to have HSTS in addition that all your redirects are completely perfect and the way you want them. I would check using a tool called screaming frog Seo spider or my personal favorite deepcrawl.com
**Your rankings could be just fine and it would not necessarily show that you have a redirect chain permanently embedded for six months in your set up in less you check it first. **
"OCSP stapling is an alternative approach to the original Online Certificate Status Protocol (OCSP) for determining whether an SSL certificate is valid or not. It does this by allowing the web server to query the OCSP responder (a certificate authority’s server dat listens for OCSP requests) and then caches the response__. This allows the web server to check the validity of its certificates and eliminates the need for the client to contact the certificate authority"
OCSP can and should be implemented at the time of employing the SSL certificate
Tom
-
James,
I don't want to be rude saying this but it sounds like you're telling me the basics of search engine optimization redirects and telling me I did not include it in my response?
I appreciate you pointing out how you read my comment and definitely appreciate your feedback. But if it came across as me telling them to create infinite redirects I am asking you to please read it again. don't you believe I read the whole post because I'm not talking about the proper protocol?
HTTPS is known as TLS / SSL or Hyper Text Transfer Protocol Secure (HTTPS)
A lot of the terminology you're using is not relevant to the question because once again I provided with them with the code to actually implement this check it for problems and fix what was broken I don't know exactly why you chose to tell me I did it incorrectly but if you would like to outline exactly how I did this incorrectly I would be more than happy to read it as I always open to constructive conservativism
"http://www
http_://_
https://www
https://What is the best way to redirect without losing SEO positions?"
**My answer was a use www. with HTTPS **
**You need to redirect you're an entire site to whatever canonical your considering use the www. it might be smart to just add the HTTPS://www. and continue with the www. **
Set you're preferred domain (www or non-www) as I do not have their URL I cannot look at rather or not they have a 301 redirects chained as you seem to be implying? But don't worry I took care of it at the end I said please check all this with this tool https://varvy.com/tools/redirects/ that would show any redirects that were forming a redirect chain.
James, I apologize if it was hard for you to follow I thoroughly believe that I gave them everything that they needed to complete the project and I am always here to answer questions.
If you are asked by anybody that present you with four URLs which one they should go with and how they should go about redirecting it I would hope it you would not write what you had written to me.
I am also the only one who gave third-party references and tools to accomplish this task.
I wish you the very best,
Tom
-
It does not matter if you have a CMS or not
You need to redirect your entire site to whatever canonical you want considering use the www. it might be smart to just add the HTTPS and continue with the www. or
Set you're preferred domain (www or non-www)
USE:
https://www.aleydasolis.com/htaccess-redirects-generator/ to make the code needed or use the code below to force HTTPS
HTTP to HTTPS
If your web server is running Apache, you can easily redirect all of your HTTP traffic to HTTPS by adding the following code to your
.htaccess
is the recommended method for redirecting a site running on Apache.<code class=" language-php">RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]</code>
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]</ifmodule>If your web server is running Nginx, you can easily redirect all of you're HTTP traffic to HTTPS by adding the following code to you're Nginx config file. This is the recommended method for redirecting servers running on Nginx
<code class=" language-php">server { listen 80; server_name domain.com www.domain.com; return 301 https://domain.com$request_uri; }</code>
Set you're preferred domain (www or non-www)
https://support.google.com/webmasters/answer/44231
No-WWW
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.example.com$
RewriteRule (.*) https://example.com/$1 [R=301,L]</ifmodule>WWW
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule (.*) https://www.example.com/$1 [R=301,L]</ifmodule>one of the best guides on how to add HTTPS
https://www.keycdn.com/blog/http-to-https/
https://kinsta.com/knowledgebase/redirect-http-to-https/
https://www.sslshopper.com/apache-redirect-http-to-https.html
The following will differ from platform to platform. In this example, we will show you how to update your URL. We recommend using a free tool from Interconnect IT called “Database search and replace script in php.” You could run update queries yourself, but there are a lot of tables and metadata fields you will probably miss unless you have an exact list.
We recommend doing dis on a dev server and moving it back, or at least backing up you're database first to be safe as this script does grab your local database credentials. Simply drop their program into the root of your site via FTP. Then browse to it in your browser. (We named our folder “search-replace-db”)
You can tan insert what you want to replace. Make sure you enter all of the formats you have mixed and matched over the years such as:
-
http://mydomain.com
tohttps://mydomain.com
-
http://www.mydomain.com
tohttps://www.mydomain.com
Check it with
Redirect mapper | A tool that checks redirects from different versions of ...
<cite class="_Rm">https://varvy.com/tools/redirects/</cite>
Hope this helps,
Tom
-
-
Thanks James. I don't have a CMS. My pages are all hand coded html pages. (would dearly love to switch to a cms in the future since i have over 100 pages). Does your advice change in anyway?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Redirecting an Entire Website?
Is it best to redirect an old website to a new website page by page to like pages or just the entire site all at once to the home page of the new site? I do have about 10 good pages on the site that are worth directing to corresponding pages on the new site. Just trying to figure out what is going to preserve the most link juice. Thanks for the help!
Technical SEO | | photoseo10 -
Redirect to http to https - Pros and Cons
Hi, I know its best practice to redirect a website from http to https, instead of having many entry point to your website. When a website has been running for a long time on http and https, what are the SEO Pros and Cons of implementing a redirect from Http to Https?
Technical SEO | | FreddyKgapza1 -
Any SEO benefits of adding a Glossary to our website?
Hi all, I manage a website for a software company. Many terms can be quite tricky so it would be nice to add a Glossary page. Other than that, I have 2 questions: 1. What would be the SEO benefits? 2. How would you suggest to implement this glossary so we can get as much SEO benefit as possible (for example how would we link, where would we place the glossary in the terms of the sitemap, etc.). Any advice appreciated! Katarina
Technical SEO | | Katarina-Borovska2 -
How to change 302 redirect from http to https
Hi gang. Our site currently has a 302 redirect from the HTTP version of the homepage to the HTTPS version of the homepage. I understand this really should be changed to a 301 redirect but I'm having a little trouble figuring out exactly how this should be done. Some places on the internet are telling me I can edit our htaccess file to specify the type of redirect, however our htaccess file seems to be missing some of the information in theirs. Can anyone tell me what needs to be changed in the htaccess file - or if there's a simpler way to change the 302 to a 301? Many thanks 🙂 htaccess: BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] END WordPress EXPIRES CACHING ExpiresActive On ExpiresByType image/jpg "access plus 6 months" ExpiresByType image/jpeg "access plus 6 months" ExpiresByType image/gif "access plus 6 months" ExpiresByType image/png "access plus 6 months" ExpiresByType text/css "access plus 10 days" ExpiresByType application/pdf "access plus 10 days" ExpiresByType application/x-shockwave-flash "access plus 10 days" ExpiresByType image/x-icon "access plus 6 months" ExpiresDefault "access plus 2 days" EXPIRES CACHING
Technical SEO | | davedon0 -
301 redirect adding trailing slash to url
I am looking into a .htacess file for a site I look after and have noticed that the urls are all 301 redirecting from a none slash directory to a trailing slashed directory/folders. e.g. www.domain.com/folder gets 301 redirected to www.domain.com/folder/ Will this do much harm and reduce the effect on the page and any links pointing to the site be lessened? Secondly I am not sure what part of my htaccess is causing the redirect. RewriteCond %{HTTP_HOST} !^www.domain.co.uk [NC] RewriteCond %{HTTP_HOST} !^$
Technical SEO | | TimHolmes
RewriteRule ^(.*) http://www.domain.co.uk/$1 [L,R,NE] RewriteCond %{THE_REQUEST} ^./index.php
RewriteRule ^(.)index.php$ /$1 [R=301,L] or could a wordpress ifmodule be causing the problem? Any info would be apreciated.0 -
Https redirect when certificate expired
Hi, How do we 301 an https version of a domain to a page on another website when the security certificate has run out? We have 301 redirected the http version but IT stuck on how to do the expired https. Thanks
Technical SEO | | Houses0 -
302 or 301 redirect to https ?
I am redirecting whole site to https. Is there a difference between 302 or 301 redirect for seo? Site never been indexed. Planning to do that with .htaccess command RewriteCond %{HTTPS} !=on
Technical SEO | | Kotkov
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] There are plenty of ways http://www.askapache.com/htaccess/ssl-example-usage-in-htaccess.html Which way would be the best? Thanks is advance0 -
How do you disallow HTTPS?
I currently have a site (startuploans.org) that runs everything as http, recently we decided to start an online application to process loan apps. Now, for one certain section we configured ssl to work (https://www.startuploans.org/secure/). If I go to the HTTPS url for any of my other pages they show up...I was going to just 301 everything from https but because it is in a subdirectiory I can't... Also, canonical URL's won't work either because it's a totally different system and the pages are generated in an odd manor. It's really just 1 page that needs to be disallowed.. Is there any way to disallow all HTTPS requests from robots.txt while keeping all the HTTP requests working as normal?
Technical SEO | | WebsiteConsultants0