HTTP & HTTPS
-
what is best recommended when some of the pages on site goes from HTTP to HTTPS: 301 redirection or 302 redirection?
and why?thank you
I was asked to elaborate so:
on my website I have open account pages. users are asked to fill the details. those page are secured and are HTTPS. the problem is that the whole website turned to HTTPS so they redirected most of the pages from HTTPS to HTTP.
the secured pages are redirected from HTTP to HTTPS.I wanted to check if it's correct and what is the best redirection way (301 or 302)
-
It could be this easy
http://kb.sucuri.net/cloudproxy/Configuration/how-to-enable-SSL
-
The answer is 301 redirect however you would ideally like your chosen and page either non-www.or www.so
Or
To be a 200
Here is an example of an HTTPS:// website and the headers it returns when run through this tool that will give you your answer.
http://www.feedthebot.com/tools/headers/test.php
The site I am referencing is using www. so I put the URL with the www.the tool referenced below the headers it will give me a 200 okay
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jun 2014 15:38:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
If I put the same URL from the same website into this tool but do not include www.
I receive this
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 17 Jun 2014 15:39:53 GMT
Content-Type: text/html
Keep in mind you will get a lot more information but you are really should only care about what it says after HTTP/1.1
Useing
http://www.feedthebot.com/tools/headers/test.php
Like the others though I am concerned as to how you are going to make this change.
What company are you buying the SSL certificate from? What is your hosting company? Many times these things are implemented via the hosting, load balancer, WAF etc.
There are so any ways to implement https://
that in less you elaborate a little bit more on your server architecture for instance if you could tell me for using a CMS in your hosting company that would be a big step in the right direction.
Are you using load balancers?
Are using a WAF
or CDN to carry the SSL Cert?
I strongly suggest you reference this information about redirection
http://moz.com/learn/seo/redirection
This great blog post by Cyrus Shepard
http://moz.com/blog/save-your-website-with-redirects
SSL if you are familiar with Regex I would strongly recommend taking a look at this great information provided by WP engine that can be used on WordPress platforms in addition to other platforms as well.
http://wpengine.com/support/regex/#ssl
If you are using a WAF (I do not recommend CloudFlare regardless I know that you would be using a similar tactic shown here depending on the WAF or cloudproxy)
sincerely,
Thomas
-
In my mind the answer is complicated and depends a lot on your site structure and how your cms or website handles https.
Case in point, if you go to a https page on your site and all of the links pointing out from that page are to https pages, but the pages are redirected to http pages I would consider that bad. The way some sites are written, they just use the same protocol that the current page uses no matter what, so you would have to redirect the links on the page to the non secure pages, I would use a 302 in that instance. At the same time if it is possible I would see if this can be corrected, because it is not proper. The same happens a lot going from non-secure to secure with some platforms as well.
This site has an example of what I mean. http://junglejumparoo.com/product/jungle-jumparoo/ If you add the product to the cart, then hover over the checkout button, it is http, but clicking it redirects you to https. Then on the next page, if you mouse over the menu, you will notice that all of the links are https now. That is handling ssl incorrectly, but in that case I would use a 302 redirect I guess.
Doing the redirect is a quick fix, but as a long game I would try to fix the issue itself and not do a redirect.
-
I think you may need to elaborate a little on your question as to why the page goes from http to https ie for a cart checkout etc?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Resolving 301 Redirect Chains from Different URL Versions (http, https, www, non-www)
Hi all, Our website has undergone both a redesign (with new URLs) and a migration to HTTPS in recent years. I'm having difficulties ensuring all URLs redirect to the correct version all the while preventing redirect chains. Right now everything is redirecting to the correct version but it usually takes up to two redirects to make this happen. See below for an example. How do I go about addressing this, or is this not even something I should concern myself with? Redirects (2) <colgroup><col width="123"><col width="302"></colgroup>
Technical SEO | | theyoungfirm
| Redirect Type | URL |
| | http://www.theyoungfirm.com/blog/2009/index.html 301 | https://theyoungfirm.com/blog/2009/index.html 301 | https://theyoungfirm.com/blog/ | This code below was what we added to our htaccess file. Prior to adding this, the various subdomain versions (www, non-www, http, etc.) were not redirecting properly. But ever since we added it, it's now created these additional URLs (see bolded URL above) as a middle step before resolving to the correct URL. RewriteEngine on RewriteCond %{HTTP_HOST} ^www.(.*)$ [NC] RewriteRule ^(.*)$ https://%1/$1 [R=301,L] RewriteCond %{HTTPS} !on RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] Your feedback is much appreciated. Thanks in advance for your help. Sincerely, Bethany0 -
Move a Wordpress Site to HTTPS with Bluehost
HI Guys, do you think that the following guide is enoght to move a bluehost wordpress site to https in a seo best practive way? https://www.shoutmeloud.com/free-ssl-certificate-bluehost-hosting.html Basically their steps are: Install SSL on Bluehost panel Install Really Simple SSL Wp Plugin Edit Your .htacess File & Add The Code For HTTP To HTTPS Redirection Update All HTTP URLs In Database To HTTPS Using Search and Replace Plugin Use Broken Link Checker plugin & use its redirection module to find links to 3rd party sites with HTTP that should now be HTTPS. Last thing to do Submit your new HTTPS site to Google Search Console & submit your sitemap. Update your profile link on Google Analytics. Update your website links on social media profiles & anywhere else they exist. This step you can do in pieces in the coming days. Read this guide to learn more about HTTP to HTTPS migration & fixing mixed content. If you disabled Who.Is guard for your domain name, you can enable it now. Do you know a better practical guide for wordrpess? in term of usefull plugins to handle the migration? Tx to everyone!
Technical SEO | | Dreamrealemedia0 -
Working out whether a site is http and https
Hi there, I can access the following site with http and https making me think that there will be a duplicate content issue. How can I work out if this is the case? http://ionadebarge.com https://ionadebarge.com Thanks.
Technical SEO | | Bee1591 -
Canonical & rel=prev / next changes to website a good idea or not?
Hi all, I decided yesterday to make a load of changes to my website, and today i woke thinking, should i have done that! So below is an example of what i have done (i will try to explain clearly anyway), can you let me know if you think what i have done would harm or help my website in search results etc... ok, so lets take just one category - Cameras And it has the sub categories - box dome bullet it also has other sub categories (which are actually features, but the only way i can show them on my site is by having them as a sub-category with its own static page, and adding the products to these as secondary categories) vandal proof high resolution night vision previously i have it set up so that every single category / sub category / feature had its own static page, with a canonical tag to itself (i.e cameras.html canonical was to cameras.html, vandalproof.html canonical was to vandalproof.html). Any of the categories / sub cats / features that had more than one page were simply not in search results due to the canonical pointing to "Page 1"... What i have now done: Last night i decided to change all this, now for all categories / sub cats / features i have add rel=prev / next where applicable, and removed the canonical from second / third / fourth pages etc, but left the canonical on "page 1". I also removed any keywords from page 2,3,4 etc and changed descriptions to just page "X" + category name. So for example, page one looks like: and page two looks like: I also went a little further (maybe too far) and decided that the features pages would canonicalize back to cameras so for those i now have: Page 1: Page 2: Any advice is welcome on the above, in regards to which way may be better and why, and obviously if anything jumps out as a mistake... Please advise James
Technical SEO | | isntworkdull0 -
Https vs http sitemap
I have a site that does a 301 redirect from http to https I currently have a sitemap auto submitted to google webmaster tools using the http pages. (because i didnt have https before) should I disable that sitemap for http and create one for the https only?
Technical SEO | | puremobile0 -
Blocking https from being crawled
I have an ecommerce site where https is being crawled for some pages. Wondering if the below solution will fix the issue www.example.com will be my domain In the nav there is a login page www.example.com/login which is redirecting to the https://www.example.com/login If I just disallowed /login in the robots file wouldn't it not follow the redirect and index that stuff? The redirect part is what I am questioning.
Technical SEO | | Sean_Dawes0 -
Http VS https and google crawl and indexing ?
Is it true that https pages are not crawled and indexed by Google and other search engines as well as http pages?
Technical SEO | | sherohass0 -
Microformats & Schema.org query
Just finished watching the Microformats & Schema.org webinar (thanks for a good presentation Richard) and picked up some interesting tips. It did get me thinking about ways I could use them with a couple of ecommerce sites I am working on. At present there are no reviews on the page so cannot add that tag, however the product pages have a facebook like and a tweet option so maybe I could add a tag based around that? Another one I am considering is putting the sizes of the items in one 'available in sizes 12-32' for example as women often ponder if a store will have it in their size. I guess my question is, would these ways of using it be considered too spammy. I note the webinar state using microformats can be useful but there is a risk if they are too spammy etc. Any opinions would be most welcome, Carl
Technical SEO | | Grumpy_Carl0