HTTP & HTTPS
-
what is best recommended when some of the pages on site goes from HTTP to HTTPS: 301 redirection or 302 redirection?
and why?thank you
I was asked to elaborate so:
on my website I have open account pages. users are asked to fill the details. those page are secured and are HTTPS. the problem is that the whole website turned to HTTPS so they redirected most of the pages from HTTPS to HTTP.
the secured pages are redirected from HTTP to HTTPS.I wanted to check if it's correct and what is the best redirection way (301 or 302)
-
It could be this easy
http://kb.sucuri.net/cloudproxy/Configuration/how-to-enable-SSL
-
The answer is 301 redirect however you would ideally like your chosen and page either non-www.or www.so
Or
To be a 200
Here is an example of an HTTPS:// website and the headers it returns when run through this tool that will give you your answer.
http://www.feedthebot.com/tools/headers/test.php
The site I am referencing is using www. so I put the URL with the www.the tool referenced below the headers it will give me a 200 okay
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jun 2014 15:38:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
If I put the same URL from the same website into this tool but do not include www.
I receive this
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 17 Jun 2014 15:39:53 GMT
Content-Type: text/html
Keep in mind you will get a lot more information but you are really should only care about what it says after HTTP/1.1
Useing
http://www.feedthebot.com/tools/headers/test.php
Like the others though I am concerned as to how you are going to make this change.
What company are you buying the SSL certificate from? What is your hosting company? Many times these things are implemented via the hosting, load balancer, WAF etc.
There are so any ways to implement https://
that in less you elaborate a little bit more on your server architecture for instance if you could tell me for using a CMS in your hosting company that would be a big step in the right direction.
Are you using load balancers?
Are using a WAF
or CDN to carry the SSL Cert?
I strongly suggest you reference this information about redirection
http://moz.com/learn/seo/redirection
This great blog post by Cyrus Shepard
http://moz.com/blog/save-your-website-with-redirects
SSL if you are familiar with Regex I would strongly recommend taking a look at this great information provided by WP engine that can be used on WordPress platforms in addition to other platforms as well.
http://wpengine.com/support/regex/#ssl
If you are using a WAF (I do not recommend CloudFlare regardless I know that you would be using a similar tactic shown here depending on the WAF or cloudproxy)
sincerely,
Thomas
-
In my mind the answer is complicated and depends a lot on your site structure and how your cms or website handles https.
Case in point, if you go to a https page on your site and all of the links pointing out from that page are to https pages, but the pages are redirected to http pages I would consider that bad. The way some sites are written, they just use the same protocol that the current page uses no matter what, so you would have to redirect the links on the page to the non secure pages, I would use a 302 in that instance. At the same time if it is possible I would see if this can be corrected, because it is not proper. The same happens a lot going from non-secure to secure with some platforms as well.
This site has an example of what I mean. http://junglejumparoo.com/product/jungle-jumparoo/ If you add the product to the cart, then hover over the checkout button, it is http, but clicking it redirects you to https. Then on the next page, if you mouse over the menu, you will notice that all of the links are https now. That is handling ssl incorrectly, but in that case I would use a 302 redirect I guess.
Doing the redirect is a quick fix, but as a long game I would try to fix the issue itself and not do a redirect.
-
I think you may need to elaborate a little on your question as to why the page goes from http to https ie for a cart checkout etc?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Google No Longer Respecting Javascript Titles & Metas
We implemented title tags and meta descriptions for one of our clients using a GTM and some JS / jQuery. It's been working well for months. Rankings started dropping and nothing had been changed. We tore our hair out. I finally noticed that Google doesn't show our titles/descripts in the SERPs anymore. So I double checked in the developer console that everything was working ok, and you can even see our title in the browser tab. Anyone else see this or have any ideas? Thanks!
Technical SEO | | bbarber570 -
Adding https version of website: how best to redirect
If I have 4 versions of my site http://www
Technical SEO | | bhsiao
http://
https://www
https:// What is the best way to redirect without losing seo positions? i have been mainly using http://www but have recently added my ssl so https works also. I heard at Moz Con that I should get the https working. All of my marketing and ads are going to http://www 301 redirect 3 of them? Which 3? If https is becoming important, should that be my main url? will it hurt my seo to switch? Thank you so much in advance!0 -
Switching to HTTPS
Hey Moz Community! I am about to switch my website from http to https. I am wondering if I need to create a 301 redirect of every single page on my site, from the http address to the https url? Or if setting one master that redirects all traffic to the https version. Obviously I am concerned about losing rankings by switching. Code for https redirect of all RewriteEngine On
Technical SEO | | SeanConroy
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]1 -
Http urls on a new https website
Hi, If a site is quite new and setup as https from the beginning why would http variations exist? There are 301 redirects in place from the http to the https variation and also canonical tags pointing back to the http variation? This seems contradictory to me. I'm not sure why the http variations exist at all but they have gone to the trouble of redirecting these to the https variation indicating that it is the variation of choice but at the same time using a canonical tag that indicates the http variation is the original/main url? Thanks
Technical SEO | | MVIreland0 -
Cloudflare Email Address Protecting & SEO
I have a client who uses Cloudflare to protect their email address on their website from spam and when I crawl their site looking for errors it causes it to report multiple broken links on each page. Does anyone know how this impacts SEO? Should I recommend removing Cloudflare?
Technical SEO | | farlandlee0 -
Is submitting your site to yahoo & Google still relevant
Good Morning from Sh@t its still raining wetherby UK... I want to just make sure the process i go through when a new site is launched is nort overlooking some fundamentals. Most sites we launch are not brand new, do allready have a link heritage and have been indexed by Google. With that in mid i do not submit a sites url thru the following links: www.google.com/addurl
Technical SEO | | Nightwing
search.yahoo.com/info/submit.html
search.live.com/docs/submit.aspx Am i right in saying you should really only bother with this if the site a newbie ie no history no link heritage and the site is enering cyberspace for the forst time. And i wonder if for example you launched a new site made sure the xml site map was in place and it had a few inbound links anyway it would be indexed anyway. So is the practice of submitting your url to search engined relevant anymore? Any insights welcome 🙂2 -
Base HREF set without HTTP. Will this cause search issues?
The base href has been set in the following format: <base href="//www.example.com/"> I am working on a project where many of the programming team don't believe that SEO has an impact on a website. So, we often see some strange things. Recently, they have rolled out an update to the website template that includes the base href I listed above. I found out about it when some of our tools such as Xenu link checker - suddenly stopped working. Google appears to be indexing the the pages fine and following the links without any issue - but I wonder if there is any long term SEO considerations to building the internal links in this manner? Thanks!
Technical SEO | | Nebraska0 -
How do you disallow HTTPS?
I currently have a site (startuploans.org) that runs everything as http, recently we decided to start an online application to process loan apps. Now, for one certain section we configured ssl to work (https://www.startuploans.org/secure/). If I go to the HTTPS url for any of my other pages they show up...I was going to just 301 everything from https but because it is in a subdirectiory I can't... Also, canonical URL's won't work either because it's a totally different system and the pages are generated in an odd manor. It's really just 1 page that needs to be disallowed.. Is there any way to disallow all HTTPS requests from robots.txt while keeping all the HTTP requests working as normal?
Technical SEO | | WebsiteConsultants0