Another http vs https Question?
-
Is it better to keep the Transaction/ Payment pages on a commercial website as the only secure ones (https) and remainder of website as http?
Or is it better to have all the commercial website as secure (https)?
-
I really appreciate your help. This information will definitly help me to keep my site all throughut as https the same way I wanted it to be from the beginning.
You are the Best.
S.H
-
No problem - you could place canonical tags on all the http:// pages to the https:// -
have a look at this guide from SeoMoz -
http://www.seomoz.org/learn-seo/canonicalization
I think you should also give this recent Q&A a read as it is very informative in regards to what you are looking at -
http://www.seomoz.org/q/duplicate-content-and-http-and-https
Hope this helps
-
Wow, thank you so much for your response. It attracted my attention to new points. Is there a way to keep the site entirely as https and avoid the duplicate content issue?
I am fairly new to SEO.
I am struggling with a solution for this website which is Drupal based as I am finding it not that easy to work with from SEO point.
Again thank you so muh.
S.H
-
Hi,
Thanks for your response. The thing I had the website set as such as Http with Https oertaining to transactions only but had problems in a warning appearing on logging to website indicating that some contents of pages have insecure informtion withan option to logon anyway. This has been turning visitors away.
I however realize that I have a duplicate content issue with website being as https at the moment. I am just trying to reach a solution whereby visitors feel safe purchasing from a new website that offers quite diverse service at better price than the other competitors who are major market players.
Thanks.
S.H
-
From what I understand, login boxes usually wait to be logged in to activate HTTPS. And as for social media accounts, aren't the social media sharing and links sent to the social network? Like Twitter usually goes to API of twitter's site, which is usually HTTPS.
-
Hi,
The thing is that I have the login box on all pages of that website to allow access for purchase of Products that are quite diverse and also toenter to website's social media accounts.
That is what had led me to have it https throughout whole site
Thanks.
S.H
-
From my experience, if you are an eCommerce site, it is usually best to have https with account or checkout pages.
If you are a banking or payment processing site, it is best to have https throughout the site to offer confidence to users.
So...
eCommerce = Only in checkout/payment pages or account info.
Sensitive sites, like banking or financials = throughout the whole site.
-
This is a good question, I would consider going down the route of making your transactional/payment pages https and then anything else http - anywhere your customers have to enter their sensitive data should be https. The one thing to remember with https is that it potentially causes duplicate content from a search engine point of view:
http://www.seomoz.org/q/duplicate-content-and-http-and-https
Have a look at this interesting article in relation to https and why everyone isn't using it:
http://arstechnica.com/business/2011/03/https-is-more-secure-so-why-isnt-the-web-using-it/
Remember more importance has been placed on page load times since Panda so people are looking to shave every ounce of time they can in relation to load times, this also improves user experience.
I hope this has helps give you some more insight into HTTPs and whether it would be best for your site to be all this protocol or just part of it.
-
As long as the pages that users enter any type of private / secure information is SSL (https), than you're fine. Alternatively if you want to have your entire site https, that’s fine also.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Unsolved Question about a Screaming Frog crawling issue
Hello, I have a very peculiar question about an issue I'm having when working on a website. It's a WordPress site and I'm using a generic plug in for title and meta updates. When I go to crawl the site through screaming frog, however, there seems to be a hard coded title tag that I can't find anywhere and the plug in updates don't get crawled. If anyone has any suggestions, thatd be great. Thanks!
Technical SEO | | KyleSennikoff0 -
Some SEO 2016 questions
Hello MOZ Community, I have some questions where the following is still working for seo in 2016: Is an exact keyword in the domain still a good start? If a domain contains the most important keyword does one still need subfolders with that keyword in the url? Do you need multiple subpages so the main url becomes stronger? Is linkbuilding still the number one factor? Thank you for your thoughts!
Technical SEO | | mhenze0 -
What do I need to do for HTTPS switch in Webmaster Tools?
My site is currently verified using a meta tag for both Google and Bing. Will I need to recreate the meta tag or will I be able to use the same one?
Technical SEO | | EcommerceSite1 -
Duplicate website with http & https
I have a website that only in a specific state in the USA we had to add a certificate for it to appear with https. my question is how to prevent from the website to be penalized on duplicate content with the http version on that specific state. please advise. thanks!
Technical SEO | | taly0 -
Newbie Duplicate Title Question
We recently update our website with DNN 6. Once the upgrade was done, I kept recieving log in links on my duplicate title and duplicate content error reports. Is anyone familiar with how to stop these links from showing up? Example of link: http://www.faisongroup.com/Login/tabid/750/Default.aspx?returnurl=%2F Any help would be greatly appreciated! Thank you!
Technical SEO | | VeronicaCFowler0 -
Hosting sitemap on another server
I was looking into XML sitemap generators and one that seems to be recommended quite a bit on the forums is the xml-sitemaps.com They have a few versions though. I'll need more than 500 pages indexed, so it is just a case of whether I go for their paid for version and install on our server or go for their pro-sitemaps.com offering. For the pro-sitemaps.com they say: "We host your sitemap files on our server and ping search engines automatically" My question is will this be less effective than my installing it on our server from an SEO perspective because it is no longer on our root domain?
Technical SEO | | design_man0 -
Google Places phone number question
Hi, A hotel/resort has a main phone number of 1-234-567-8901. This phone number is consistent in over 50 directories. However, they have a spa and restaurant with the same phone number. The front-desk answers the phone and routes the call to either the restaurant or spa. The name of the spa and restaurant are also found in the local listing directories under different DBA's with the same phone number as the Hotel/Resort. For example: ABC Resort - 1-234-567-8901 Spa Cuts - 1-234-567-8901 (same address as ABC Resort) The Spa - 1-234-567-8901 ) same address as ABC Resort) Will this phone number that is used by the 3 separate entities penalize the Google listing placements for the actual Hotel/Resort in Google Places? Thanks everyone!
Technical SEO | | hawkvt10 -
Robots.txt questions...
All, My site is rather complicated, but I will try to break down my question as simply as possible. I have a robots.txt document in the root level of my site to disallow robot access to /_system/, my CMS. This looks like this: # /robots.txt file for http://webcrawler.com/
Technical SEO | | Horizon
# mail webmaster@webcrawler.com for constructive criticism **User-agent: ***
Disallow: /_system/ I have another robots.txt file in another level down, which is my holiday database - www.mysite.com/holiday-database/ - this is to disallow access to /holiday-database/ControlPanel/, my database CMS. This looks like this: **User-agent: ***
Disallow: /ControlPanel/ Am I correct in thinking that this file must also be in the root level, and not in the /holiday-database/ level? If so, should my new robots.txt file look like this: # /robots.txt file for http://webcrawler.com/
# mail webmaster@webcrawler.com for constructive criticism **User-agent: ***
Disallow: /_system/
Disallow: /holiday-database/ControlPanel/ Or, like this: # /robots.txt file for http://webcrawler.com/
# mail webmaster@webcrawler.com for constructive criticism **User-agent: ***
Disallow: /_system/
Disallow: /ControlPanel/ Thanks in advance. Matt0