From HTTP to HTTPS
-
Hi
We have implemented HTTPS to the our website. Do we need to now redirect the whole site to HTTPS in the HTTACCESS file?
Because when you enter the site via a google search or enter the domain directly the site is set to HTTP once we click on a URL on the page it sets it to HTTPS so do we require to redirect from the start?
thanks
E -
That Stack Overflow discussion goes into getting Google Tag Manager up and running. It's best to clean up URLs to get as many as possible pointing to HTTPS. That way you're not making unnecessary redirection hops with things you can control. Cheers!
-
Thanks guys
Just to confirm would you recommend goign through and altering all links that point to HTTP to HTTPS for example: google+, analytics etc or would the redirect be sufficient and do this automatically?
Also noticed that google analytics and adwords are now blue and not green in tag assistant once the change was made - any ideas?
thanks
R
-
Right. If you want the HTTPS from the start you'll need to redirect to it. There's a few nice discussion around how over at Stack Overflow, here's one such example: http://stackoverflow.com/questions/13977851/htaccess-redirect-to-https-www. The code you use may vary depending on what you want to achieve.
-
Hi Ram,
Yes, you absolutely should redirect all of your HTTP pages and other resources to the HTTPs version to prevent the situation you describe happening. It's likely Google will see duplicates of each of your pages which will cause ranking issues.
There's a great check-list at the bottom of this blog post by Cyrus Shepard which will take you through everything you need to do.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
What is the Redirect Rule for corresponding https urls to new domain with the same https urls?
2 sites have the same urls but the owner wants just the 1 site. So I will be doing a 301 redirect with .htaccess from https://www.example.co.uk/sportsbook/SOCCER/today/ redirecting to https://www.example.com//sportsbook/SOCCER/today/ There are a lot of urls that are the same, so I was wondering what the rule is to put in the file please that will change them all to the corresponding urls? Would this be correct?... RewriteEngine on
Intermediate & Advanced SEO | | WSIDW
RewriteCond %{HTTPS_HOST} ^example.co.uk [NC,OR]
RewriteCond %{HTTPS_HOST} ^www.example.co.uk [NC]
RewriteRule ^(.*)$ https://example.com$1 [L,R=301,NC] Or would a simple rule like this work... redirect 301 / http://www.new domain.com/ If not correct could you please give me the correct rule, thanks! Then of course doing a change of address of address in webmaster tools after. Also... do I still need to do the forwarding from the https://www.example.co.uk/ domain provider after as well? Many thanks for your help in advance.0 -
Browser Cacheing - HTTPS redirects to HTTP
Howdy lovely Moz people. A webmaster redirected https protocol links to http a number of years ago in order to try and capture as many links as possible on a site we now manage. We have recently tried to implement https and realised that because of this existing redirect rule, they are now causing infinite loops when trying to test an http redirect. http redirecting to https redirecting back to http, etc. The https version works by itself weirdly enough. We believe that this is due to the permanent browser caching. So unless users clear their cache, they will get this infinite loop. Does anyone have any advice on how we can get round this? a) index both sites and specify in GSC that the https is the canonical version of the site and hope that Google sees that and removes the http version for the https version b) stick with http as infinite loops will kill the site c) ??????????? Thanks all.
Intermediate & Advanced SEO | | HenryFrance0 -
Http to https what should one look out for
Hi, we are moving our site from http to https and would like to know what should one look out for. What are the things that can go wrong, and what is the best way to go about it. Regards Tai
Intermediate & Advanced SEO | | Taiger0 -
Is a rebranding that calls for a domain change a good time to sneak in a change to HTTPS?
Assumed: The material around good migration/redesign practices recommend, logically enough, to change as few things as possible in any given step, thus giving search engines as little trouble as possible identifying and reindexing changes. So if someone is doing significant changes to content, including uri changes, and a rebranding that requires a domain migration, they are generally better off doing one, than the other. 1) Beyond immediate testing and checking for correct crawl health being reestablished after one change, any thoughts on rules of thumb for when to do the second change? Do you do it as soon as you see your rankings/traffic turn the corner and confirm an upward trend after the drop, or wait till you have it all back (or at least hit a plateau)? In the absence of data or best practice I'm thinking of just letting 1/3rd to 2/3rds come back. Is a change to HTTPS small enough/similar enough from the search engine's perspective that it makes more sense to do that at the same time as the rebrand driven domain change? Does this create any special risks or considerations beyond those that arise from the individual components of the change?
Intermediate & Advanced SEO | | JFA0 -
How do I add https version of site to Bing webmaster tools?
I could add my site to Google Webmaster tools with no problems, but when I try to add it in Bing webmaster tools it just redirects me to what I already have. Everything is staying the same but the switch from http to https. Anyone else experienced this? This is what I just received back from Bing and it doesn't seem right- I understand that you switched to the https version of your site and you're now trying to use the Site Move tool. However, in order to do this, you must verify the https version of your site first. You cannot do this because it just redirects you to the dashboard. We thank you for reporting this to us. We've investigated on this matter and can see that you're already put a redirect from the http to the https version of your site. We also checked the /BingSiteAuth.xml file and this also redirects to the https version. At this point, we suggest that you remove the current website (http version) that is verified through Bing Webmaster Tool and add your https domain. When done, use the Site Move tool. Thoughts?
Intermediate & Advanced SEO | | EcommerceSite1 -
Using a 302 re-direct from http://www to https://www to secure customer data
My website sends Customers from a http://www.mysite.com/features page to a https://www.mysite.com/register page which is an account sign-up form using a 302 re-direct. Any page that collects customer data has an authenticated SSL certificate to protect any data on the site. Is this 302 the most appropriate way of doing this as the weekly crawl picks it up as being bad practise? Is there a better alternative?
Intermediate & Advanced SEO | | Ubique0 -
Best practices for handling https content?
Hi Mozzers - I'm having an issue with https content on my site that I need help with. Basically we have some pages that are meant to be secured, cart pages, auth pages, etc, and then we have the rest of the site that isn't secured. I need those pages to load correctly and independently of one another so that we are using both protocols correctly. Problem is - when a secure page is rendered the resources behind it (scripts, etc) won't load with the unsecured paths that are in our master page files currently. One solution would be to render the entire site in https only, however this really scares me from an SEO standpoint. I don't know if I want to put my eggs in that basket. Another solution is to structure the site so that secure pages are built differently from unsecured pages, but that requires a bit of re-structuring and new SOPs to be put in place. I guess my question is really about best practices when using https. How can I avoid duplication issues? When do I need to use rel=canonical? What is the best way to do things here to avoid heavy maintenance moving forward?
Intermediate & Advanced SEO | | CodyWheeler0 -
Google Indexed the HTTPS version of an e-commerce site
Hi, I am working with a new e-commerce site. The way they are setup is that once you add an item to the cart, you'll be put onto secure HTTPS versions of the page as you continue to browse. Well, somehow this translated to Google indexing the whole site as HTTPS, even the home page. Couple questions: 1. I assume that is bad or could hurt rankings, or at a minimum is not the best practice for SEO, right? 2. Assuming it is something we don't want, how would we go about getting the http versions of pages indexed instead of https? Do we need rel-canonical on each page to be to the http version? Anything else that would help? Thanks!
Intermediate & Advanced SEO | | brianspatterson0