From HTTP to HTTPS
-
Hi
We have implemented HTTPS to the our website. Do we need to now redirect the whole site to HTTPS in the HTTACCESS file?
Because when you enter the site via a google search or enter the domain directly the site is set to HTTP once we click on a URL on the page it sets it to HTTPS so do we require to redirect from the start?
thanks
E -
That Stack Overflow discussion goes into getting Google Tag Manager up and running. It's best to clean up URLs to get as many as possible pointing to HTTPS. That way you're not making unnecessary redirection hops with things you can control. Cheers!
-
Thanks guys
Just to confirm would you recommend goign through and altering all links that point to HTTP to HTTPS for example: google+, analytics etc or would the redirect be sufficient and do this automatically?
Also noticed that google analytics and adwords are now blue and not green in tag assistant once the change was made - any ideas?
thanks
R
-
Right. If you want the HTTPS from the start you'll need to redirect to it. There's a few nice discussion around how over at Stack Overflow, here's one such example: http://stackoverflow.com/questions/13977851/htaccess-redirect-to-https-www. The code you use may vary depending on what you want to achieve.
-
Hi Ram,
Yes, you absolutely should redirect all of your HTTP pages and other resources to the HTTPs version to prevent the situation you describe happening. It's likely Google will see duplicates of each of your pages which will cause ranking issues.
There's a great check-list at the bottom of this blog post by Cyrus Shepard which will take you through everything you need to do.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
301 Old domain with HTTPS to new domain with HTTPS
I am a bit boggled about https to https we redirected olddomain.com to https://www.newdomain.com, but redirecting https://www.olddomain.com or non-www is not possible. because the certificate does not exist on a level where you are redirecting. only if I setup a new host and add a htaccess file will this work. What should I do? just redirect the rest and hope for the best?
Intermediate & Advanced SEO | | waqid0 -
Http to https Canonical Question
Hello Fellow Moz Friends I have recently went from http to https for the website. Do I keep my canonicals at http or make all https? Will this affect ranking signals? Anything I should be looking out for? Thank you.
Intermediate & Advanced SEO | | Carwrapsolutions0 -
HTTP HTTPS Migration Gone Wrong - Please Help!
We have a large (25,000 Products) ecommerce website, and we did an HTTP=>HTTPS migration on 3/14/17, and our rankings went in the tank, but they are slowly coming back. We initially lost 80% of our organic traffic. We are currently down about 50%. Here are some of the issues. In retrospect, we may have been too aggressive in the move. We didn't post our old sitemaps on the new site until about 5 days into the move. We created a new HTTPS property in search console. Our redirects were 302, not 301 We also had some other redirect issues We changed our URL taxonomy from http://www.oursite.com/category-name.html to https://www.oursite.com/category-name (removed the .html) We changed our filters plugin. Proper canonicals were used, but the filters can generate N! canonical pages. I added some parameters (and posted to Search Console) and noindex for pages with multiple filter choices to cut down on our crawl budget yesterday. Here are some observations: Google is crawling like crazy. Since the move, 120,000+ pages per day. These are clearly the filtered pages, but they do have canonicals. Our old sitemaps got error messages "Roboted Out". When we test URLs in Google's robots.txt tester, they test fine. Very Odd. At this point, in search console
Intermediate & Advanced SEO | | GWMSEO
a. HTTPS Property has 23,000 pages indexed
b. HTTP Property has 7800 pages indexed
c. The crawl of our old category sitemap (852 categories) is still pending, and it was posted and submitted on Friday 3/17 Our average daily organic traffic in search console before the move was +/-5,800 clicks. The most recent Search Console had HTTP: 645 Clicks HTTPS: 2000 clicks. Our rank tracker shows a massive drop over 2 days, bottoming out, and then some recovery over the next 3 days. HTTP site is showing 500,000 backlinks. HTTPS is showing 23,000 backilinks. I am planning on resubmitting the old sitemaps today in an attempt to remap our redirects to 301s. Is this typical? Any ideas?0 -
Can I have my blog on http and the rest of the site on https?
I have an ecommerce site that is on https. We have a Wordpress blog for blogging, but we also have our help section located on it. I used a plugin to switch the blog to https but now have a few problems. 1. My sitemap generator still shows the blog as http and Google gives me a warning for the redirect. 2. When trying to use the Moz page grader I was told that I was in a redirect loop. 3. The pages do not seem to be getting indexed. It is a blog so there is never any information exchanged that is private. Would I be ok with just switching it to http? Or would Google see that as two different sites even though they have the same domain?
Intermediate & Advanced SEO | | EcommerceSite0 -
SEO implications of serving a different site on HTTPS vs. HTTP
I have two sites: Site A, and Site B. Both sites are hosted on the same IP address, and server using IIS 7.5. Site B has an SSL cert, and Site A does not. It has recently been brought to my attention that when requesting the HTTPS version of Site A (the site w/o an SSL cert), IIS will serve Site B... Our server has been configured this way for roughly a year. We don't do any promotion of Site A using HTTPS URLs, though I suppose somebody could accidentally link to or type in HTTPS and get the wrong website. Until we can upgrade to IIS8 / Windows Server 2012 to support SNI, it seems I have two reasonable options: Move Site B over to its own dedicated IP, and let HTTPS requests for Site A 404. Get another certificate for Site A, and have it's HTTPS version 301 redirect to HTTP/non-ssl. #1 seems preferable, as we don't really need an SSL cert for Site A, and HTTPS doesn't really have any SEO benefits over HTTP/non-ssl. However, I'm concerned if we've done any SEO damage to Site A by letting our configuration sit this way for so long. I could see Googlebot trying https versions of websites to test if they exist, even if there aren't any ssl/https links for the given domain in the wild... In which case, option #2 would seem to mostly reverse any damage done (if any). Though Site A seems to be indexed fine. No concerns other than my gut. Does anybody have any recommendations? Thanks!
Intermediate & Advanced SEO | | dsbud0 -
Effects of having both http and https on my website
You are able to view our website as either http and https on all pages. For example: You can type "http://mywebsite.com/index.html" and the site will remain as http: as you navigate the site. You can also type "https://mywebsite.com/index.html" and the site will remain as https: as you navigate the site. My question is....if you can view the entire site using either http or https, is this being seen as duplicate content/pages? Does the same hold true with "www.mywebsite.com" and "mywebsite.com"? Thanks!
Intermediate & Advanced SEO | | rexjoec1 -
How to Resolve Duplication of HTTPS & HTPP URLs?
Right now, I am working on eCommerce website. [Lamps Lighting and More] I can find out both URLs in website as follow. HTTP Version: http://www.lampslightingandmore.com/ HTTPS Version: https://www.lampslightingandmore.com/ I have check one of my competitor who has implemented following canonical on both pages. Please, view source code for both URLs. http://www.wayfair.com ** https://www.wayfair.com** Then, I checked similar thing in SEOmoz website. 🙂 Why should I not check in SEOmoz because, They are providing best SEO information so may be using best practice to deal with HTTPS & HTTP. LOL I tried to load following URL so it redirect to home page. https://www.seomoz.org is redirecting to http://www.seomoz.org But, following URL is not redirecting any where as well as not set canonical over there. https://www.seomoz.org/users/settings I can find out following code on http://www.seomoz.org/robots.txt **User-agent: *** ** Disallow: /api/user?*** So, I am quite confuse to solve issue. Which one is best 301 redirect or canonical tag? If any live example to see so that's good for me and make me more confident.
Intermediate & Advanced SEO | | CommercePundit0 -
Push for site-wide https, but all pages in index are http. Should I fight the tide?
Hi there, First Q&A question 🙂 So I understand the problems caused by having a few secure pages on a site. A few links to the https version a page and you have duplicate content issues. While there are several posts here at SEOmoz that talk about the different ways of dealing with this issue with respect to secure pages, the majority of this content assumes that the goal of the SEO is to make sure no duplicate https pages end up in the index. The posts also suggest that https should only used on log in pages, contact forms, shopping carts, etc." That's the root of my problem. I'm facing the prospect of switching to https across an entire site. In the light of other https related content I've read, this might seem unecessary or overkill, but there's a vaild reason behind it. I work for a certificate authority. A company that issues SSL certificates, the cryptographic files that make the https protocol work. So there's an obvious need our site to "appear" protected, even if no sensitive data is being moved through the pages. The stronger push, however, stems from our membership of the Online Trust Alliance. https://otalliance.org/ Essentially, in the parts of the internet that deal with SSL and security, there's a push for all sites to utilize HSTS Headers and force sitewide https. Paypal and Bank of America are leading the way in this intiative, and other large retailers/banks/etc. will no doubt follow suit. Regardless of what you feel about all that, the reality is that we're looking at future that involves more privacy protection, more SSL, and more https. The bottom line for me is; I have a site of ~800 pages that I will need to switch to https. I'm finding it difficult to map the tips and tricks for keeping the odd pesky https page out of the index, to what amounts to a sitewide migratiion. So, here are a few general questions. What are the major considerations for such a switch? Are there any less obvious pitfalls lurking? Should I even consider trying to maintain an index of http pages, or should I start work on replacing (or have googlebot replace) the old pages with https versions? Is that something that can be done with canonicalization? or would something at the server level be necessary? How is that going to affect my page authority in general? What obvious questions am I not asking? Sorry to be so longwinded, but this is a tricky one for me, and I want to be sure I'm giving as much pertinent information as possible. Any input will be very much appreciated. Thanks, Dennis
Intermediate & Advanced SEO | | dennis.globalsign0
