Redirect HTTP to HTTPS
-
Hello,
Simple question - Should we be redirecting our HTTP pages to HTTPS? If yes, why, if not, why?
Thanks!
-
Yes - for the simple reason that from January 2017, Google Chrome will start marking all sites that do not have https active on sensitive pages as insecure - this is a very important step.
As is the way with Google, this 'gentle' shepherding is surely a forewarning of a move to 'https is mandatory' before long...
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
"Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS."
So really, you have no choice, and honestly, it's not so bad. We just moved our entire site to https without any issues.
-
Thanks for your opinions and experiences. Just a question.. did you 301 redirect all your http pages to https? If so, you still lost indexed pages? Thanks for your help.
-
Hi Harry,
If you already did implant HTTPS on your website you should definitely start redirecting since you will otherwise have a duplicated version on your website.
But I suppose you’re still in to process of making that decision. In that case I would read this post on Moz which can give you a great overview of what HTTPS can and cannot do for your website (and your SEO).
http://moz.com/blog/seo-tips-https-ssl
SEO wise the main point is that this is just a small rankings factor which might not be worth the time and hassle. Personally I would implant it in a new website, but wouldn’t (solely based on the SEO benefits) change an existing website to HTTPS. In that situation the security, privacy and trust reasons should be important to you as well to justify the decision.
I hope this helps!
-
I assume your referring to implementing SSL? Let me give you some personal advice here. Forget about it. there was huge hype last year about Google giving reward to https domains so I immediately went ahead. In doing so I lost a ton of indexed URL's which took about 2 months to recover from. So, I would say forget about making any changes, not worth the effort.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Redirect Chains
Hi There, I have had conducted a few migrations recently and have a common issue which is this: HTTP (old site) -> HTTPS (old site) -> (HTTPS) (new site) Which causes a redirect chain. How should you prevent this before migration or fix it after migration? Cheers.
Intermediate & Advanced SEO | | kayl870 -
301 redirects
One of our employees took an SEO class recently. She was told that having too many 301 redirects can hurt SEO. I have never heard of 301 redirects as having a negative impact. Any thoughts?
Intermediate & Advanced SEO | | Smart_Start0 -
301 redirects cross domains
Hi Moz Community. We have a client that has Website A and Website B. Website A is going to be replaced by Website C, a new website and brand. Some products sold on Website A are going to be split out to Website B & C. i.e. Say Website A sells eight products - then four will go to Website B and four to Website C. OUR QUESTION Technically we know we can 301 redirect the Website A products to the relevant Website B & Website C products. 1. Given this convoluted structure, will there be any negative ramifications for SEO? and; 2. Which website would you redirect the homepage to, B or C?
Intermediate & Advanced SEO | | WCR0 -
Converting to HTTPS
I have a 10 yr old website that we are just now adding a Symantec SSL with Extended Validation. I've seen some older posts about whether switching to URL's to HTTP effects Google ranking and I understand it may in the short run, but I wondered if anyone had any updated info about how best to go about this. Are there any step by step articles that could walk me through this? Our certificate is already installed now, but we haven't forced it out there yet. If I understand right, we will use the HTTPS on the entire site. I am not very experienced with 301's, but I believe I can set this up in Godaddy.com where our domain is reigstered so that our old HTTP forwards to HTTPS. Also, I don't think this effects anything within GWT so I don't think I have to make any changes there. Am I missing anything? FYI, the prices for this on the Symantec site are pretty high for a small business like ours. I looked around and found https://www.thesslstore.com/, an SSL reseller, had cheaper prices listed on their site. As it turns out, I called to ask a technical question and the sales person offered to email me a custom quote that was even cheaper than what was listed on their site. So if you are dealing with a limited budget, I might recommend you call The SSL Store and get a quote from them. I am not an affiliate and having nothing to do with them, I was just happy with their service and I believe it cost me about 1/2 of the price on the Symantec site. Hope that helps someone.
Intermediate & Advanced SEO | | jacksghost0 -
301 Redirect htaccess
Hi Guys, I have a website that has plenty of links with parameters. For example:
Intermediate & Advanced SEO | | UrbanMark
http://www.domainname.co.uk/index.php?app=ecom&ns=catshow&ref=Brandname-Golf-Shorts&sid=201v04gxs2hlozv161tfo43qk98583el I want to place a wildcard redirect on the .htaccess but don't know what exactly code for this. Ideally I want the URLs above to be: http://www.domainname.co.uk/Category/Brandname-Golf-Shorts Any help pls. Thanks,
Brucz0 -
Best practices for handling https content?
Hi Mozzers - I'm having an issue with https content on my site that I need help with. Basically we have some pages that are meant to be secured, cart pages, auth pages, etc, and then we have the rest of the site that isn't secured. I need those pages to load correctly and independently of one another so that we are using both protocols correctly. Problem is - when a secure page is rendered the resources behind it (scripts, etc) won't load with the unsecured paths that are in our master page files currently. One solution would be to render the entire site in https only, however this really scares me from an SEO standpoint. I don't know if I want to put my eggs in that basket. Another solution is to structure the site so that secure pages are built differently from unsecured pages, but that requires a bit of re-structuring and new SOPs to be put in place. I guess my question is really about best practices when using https. How can I avoid duplication issues? When do I need to use rel=canonical? What is the best way to do things here to avoid heavy maintenance moving forward?
Intermediate & Advanced SEO | | CodyWheeler0 -
Redirect of just one internal page
If I have 2 domains with different content that are in same topic, and each one lives on its own IP-address, what could be the result if I do permanent redirect of just one internal page from one domain to counterpart page of another? What if I use rel=canonical instead of R301? Thank you!
Intermediate & Advanced SEO | | kolio_kolev0 -
Push for site-wide https, but all pages in index are http. Should I fight the tide?
Hi there, First Q&A question 🙂 So I understand the problems caused by having a few secure pages on a site. A few links to the https version a page and you have duplicate content issues. While there are several posts here at SEOmoz that talk about the different ways of dealing with this issue with respect to secure pages, the majority of this content assumes that the goal of the SEO is to make sure no duplicate https pages end up in the index. The posts also suggest that https should only used on log in pages, contact forms, shopping carts, etc." That's the root of my problem. I'm facing the prospect of switching to https across an entire site. In the light of other https related content I've read, this might seem unecessary or overkill, but there's a vaild reason behind it. I work for a certificate authority. A company that issues SSL certificates, the cryptographic files that make the https protocol work. So there's an obvious need our site to "appear" protected, even if no sensitive data is being moved through the pages. The stronger push, however, stems from our membership of the Online Trust Alliance. https://otalliance.org/ Essentially, in the parts of the internet that deal with SSL and security, there's a push for all sites to utilize HSTS Headers and force sitewide https. Paypal and Bank of America are leading the way in this intiative, and other large retailers/banks/etc. will no doubt follow suit. Regardless of what you feel about all that, the reality is that we're looking at future that involves more privacy protection, more SSL, and more https. The bottom line for me is; I have a site of ~800 pages that I will need to switch to https. I'm finding it difficult to map the tips and tricks for keeping the odd pesky https page out of the index, to what amounts to a sitewide migratiion. So, here are a few general questions. What are the major considerations for such a switch? Are there any less obvious pitfalls lurking? Should I even consider trying to maintain an index of http pages, or should I start work on replacing (or have googlebot replace) the old pages with https versions? Is that something that can be done with canonicalization? or would something at the server level be necessary? How is that going to affect my page authority in general? What obvious questions am I not asking? Sorry to be so longwinded, but this is a tricky one for me, and I want to be sure I'm giving as much pertinent information as possible. Any input will be very much appreciated. Thanks, Dennis
Intermediate & Advanced SEO | | dennis.globalsign0