Http and https protocols being indexed for e-commerce website
-
Hi team,
Our new e-commerce website has launched and I've noticed both http and https protocols are being indexed.
Our old website was http with only the necessary pages running https (cart, checkout etc). No https pages were indexed and you couldn't access a https page if you manually typed it into the browser.
We outrank our competition by a mile, so I'm treading carefully here and don't want to undo the progress we made on the old site, so I have a few questions:
1. How exactly do we remove one protocol from the index? We are running on Drupal. We tried a hard redirect from https to http and excluded the relevant pages (cart, login etc from the redirect), but found that you could still access https pages if you we're in the cart (https) and then pressed back on the browser button for example. At that point you could browse the entire site on https.
2. Is the safer option to emulate what we had in place on the old website e.g http with only the necessary pages being https, rather than making the switch to sitewide https?
I've been struggling with this one, so any help would be much appreciated.
Jake S
-
Just checked my GA data and you're right. Referral data from mountainjade.co.nz is there. Thanks for the heads up.
I've decided to make the switch to https, so will be organising that with dev in the coming few weeks. I'll keep you posted!
Cheers for the help again Logan,
I owe ya.
-
Great!
I've decided to make the full switch to https now, rather than wait to do it.
I will report back and let you know how it all goes!
Thanks for your help Laura.
-
I don't know why this didn't cross my mind until now, but having both versions can also mess up your Google Analytics data. Going from one to the other (can't remember which direction) creates a new session. You've probably got a lot of self-referring traffic showing up in your reports.
-
Hey Bas,
My developers share your sentiment!
Both versions of the website can be accessed by both the customer and the bots, but because we use relative urls, it can switch between http and https is a single session. This is one example:
1. Land on the homepage from a google search (http homepage is indexed).
2. Browse site on http. Add something to cart. Go to cart.
3. Cart switches to https. Navigate out of cart back into website.
4. Now urls are all https because the links on our site are relative and don't specify a protocol (e.g customer is in cart and then wants to check contact us page, it's link when clicked is as follows [Contact](/contact us). So it pulls the https protocol as there is not http protocol specified in that contact us link.
Hmmm, it definitely could be effecting UX and conversion.
-
Ideally, you'll migrate the entire site to https, and Cyrus' guide is a good one. Google has some helpful info for an http to https migration at https://support.google.com/webmasters/answer/6073543?hl=en.
The canonical tag solution is for the situation where you can't or don't want to go ahead and switch the whole site over to https right away. Either way, make sure Google knows, either through 301-redirects or canonical tags, that the http and https versions are the same page.
-
Hi Laura,
Wow, when I said we have self referencing canonicals in place (through Drupal Yoast) I hadn't even thought that it could be applying a canonical to the https version of the site aswell.
I just crawled both http and https and as you're right, the following is happening:
http://example.com is canonicalized to http://example.com
https://example.com is canonicalized to https://example.com
But I'm a little confused. In my first post I was looking for help because google was indexing both http and https pages. Are you saying that it's because of these canonicals that google is indexing both? Would it index both even if I didn't have the canonicals in place but still had SSL?
Just to confirm, canonicalizing the http URLs to the https URLs will tell google to fold the http URLs into the https and only index the https version of the site? Would I need to follow the https migration guide by Cyrus when doing this, or is this not really a 'migration' to https as we're not forcing the customer to browse in https?
Bear with me!
-
I agree with the others. I think you should pick a horse and ride it. Indecision is only causing more confusion on Google's part and is going to hurt you in the long run. Google says they prefer HTTPS and I've seen evidence of that. You're already paying for an SSL so you might as well use it to the max.
As Laura said, if you've got self-referring canonical tags on both secure and non-secure URLs, you're setting yourself up for some pretty big issues.
-
Hi Jacob,
I understand the issue. I think that this way you're not making a decision where you really should:
Either you use non-ssl or either you use ssl. To continue with the both is a terrible situation: nobody really knows what the they are supposed to know.For instance: is it possible that someone starts on the thomepage (non-ssl), goes to a product page (ssl) and then to the shopping cart which is again non-ssl? If that is the case you should really check your conversion rate because that in itself might be very damaging as well.
Yours,
Bas -
When you say you currently have self referencing canonicals, is the following happening?
The page http://example.com is canonicalized to http://example.com.
The page https://example.com is canonicalized to https://example.com.
If so, this is the bigger problem because Google sees these as 2 different URLs and may index both of them. Furthermore, you could be splitting backlinks between 2 URLs unnecessarily. This duplicate issue may be part of the reason you saw organic traffic drop when you launched your new site.
If the HTTPS URLs are already being indexed by Google, go ahead and canonicalize the http URLs to the https URLs. In other words, http://example.com will canonicalize to https://example.com.
By setting up the canonical this way, Google will fold the two URLs together and correctly treat them as the same page.
-
Good morning Laura,
Thanks for the advice.
I've replied below to Logan giving a little context. If you could take a look and let me know your thoughts it would be a huge help.
-
Hi again Logan,
I've tossed up whether or not to make the full switch to https for a while now. I'll give you a little background so you understand my position:
When our new website launched, our organic search traffic took a dip of around 15%. It has taken around two months for it to recover (almost). We changed site structure out of necessity but followed best practise to ensure we didn't undo alot of the work we had done with the old website. With the 15% organic rankings dip we saw a corresponding dip in revenue, so what I don't want to do is muddy the waters anymore than they already are by adding more moving parts to the mix (migration / redesign / http to https). And we cannot risk another dip in revenue so close to the first which may come with a full https migration (do you think?).
This is why I'm leaning toward replicating what we had in place on the old website and only forcing https on the necessary pages.
Now that you understand my position, would you still recommend the switch to https? I would love to know your thoughts.
The catch with all of this is I'm not sure exactly how the http https was implemented on the old website. At that point in time I had no need to know.
We currently have self referencing canonicals which you know we need to maintain, particularly on product pages which use URL parameters. We are also using relative links across the entire website.
Therefore, what would be the best solution here? Down the rabbit hole we go...
Thanks for your time,
-
Hi Jacob,
Cyrus Shepard put together a great guide on HTTPS migrations. Since you've already got an SSL, you may as well apply it to the whole site and set your preferred domain as HTTPS (as Laura and Bas mentioned). In the guide, he details the best ways to ensure search engines index the version you want via 301 redirect rules, canonical tags, and XML sitemaps. Don't forget to set up Search Console properties for HTTPS - www and non-www versions and set your preferred domain there as well.
Run this query in Google to monitor what they've got in their index as the canonical domain: info:mountainjade.co.nz
-
Agree with Laura: better to let the https be indexed. Nice links by the way for this topic.
Bas
-
In your case, the best thing to do is set up canonical tags to let Google know which version of the URL should be indexed. That way, it doesn't matter if Google can access the https page, and you won't have the duplicate content problem that you have now.
I can't advise you on the best way to set this up with Drupal, but you'll need to be wary of any type of automatic canonical tags. You may end up with an "http" canonical link on the http page and an "https" canonical link on the https page. That doesn't solve the problem at all.
If you are not already familiar with canonical tags, you can learn more at the links below.
- https://support.google.com/webmasters/answer/139066?hl=en
- https://moz.com/learn/seo/canonicalization
- https://webmasters.googleblog.com/2013/04/5-common-mistakes-with-relcanonical.html
By the way, I would set it up so that Google indexes the https version of your pages rather than the http version.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
If my website uses CDN does thousands of 301 redirect can harm the website performance?
Hi, If my website uses CDN does thousands of 301 redirect can harm the website performance? Thanks Roy
Intermediate & Advanced SEO | | kadut1 -
Recovery from a HTTP to HTTPs migration using 302s ?
If a website did an HTTP to HTTPS migration using 302 re-directs, that were corrected to 301s about 4 months later, what is the expected impact? Will the website see a full recovery or has the damage been done? Thanks to anyone who can shed some light on this...
Intermediate & Advanced SEO | | yaelslater0 -
Website Indexing Issues - Search Bots will only crawl Homepage of Website, Help!
Hello Moz World, I am stuck on a problem, and wanted to get some insight. When I attempt to use Screaming Spider or SEO Powersuite, the software is only crawling the homepage of my website. I have 17 pages associated with the main domain i.e. example.com/home, example.com/sevices, etc. I've done a bit of investigating, and I have found that my client's website does not have Robot.txt file or a site map. However, under Google Search Console, all of my client's website pages have been indexed. My questions, Why is my software not crawling all of the pages associated with the website? If I integrate a Robot.txt file & sitemap will that resolve the issue? Thanks ahead of time for all of the great responses. B/R Will H.
Intermediate & Advanced SEO | | MarketingChimp100 -
Lazy Loading of products on an E-Commerce Website - Options Needed
Hi Moz Fans. We are in the process of re-designing our product pages and we need to improve the page load speed. Our developers have suggested that we load the associated products on the page using Lazy Loading, While I understand this will certainly have a positive impact on the page load speed I am concerned on the SEO impact. We can have upwards of 50 associated products on a page so need a solution. So far I have found the following solution online which uses Lazy Loading and Escaped Fragments - The concern here is from serving an alternate version to search engines. The solution was developed by Google not only for lazy loading, but for indexing AJAX contents in general.
Intermediate & Advanced SEO | | JBGlobalSEO
Here's the official page: Making AJAX Applications Crawlable. The documentation is simple and clear, but in a few words the solution is to use slightly modified URL fragments.
A fragment is the last part of the URL, prefixed by #. Fragments are not propagated to the server, they are used only on the client side to tell the browser to show something, usually to move to a in-page bookmark.
If instead of using # as the prefix, you use #!, this instructs Google to ask the server for a special version of your page using an ugly URL. When the server receives this ugly request, it's your responsibility to send back a static version of the page that renders an HTML snapshot (the not indexed image in our case). It seems complicated but it is not, let's use our gallery as an example. Every gallery thumbnail has to have an hyperlink like: http://www.idea-r.it/...#!blogimage=<image-number></image-number> When the crawler will find this markup will change it to
http://www.idea-r.it/...?_escaped_fragment_=blogimage=<image-number></image-number> Let's take a look at what you have to answer on the server side to provide a valid HTML snapshot.
My implementation uses ASP.NET, but any server technology will be good. var fragment = Request.QueryString[``"_escaped_fragment_"``];``if (!String.IsNullOrEmpty(fragment))``{``var escapedParams = fragment.Split(``new``[] { ``'=' });``if (escapedParams.Length == 2)``{``var imageToDisplay = escapedParams[1];``// Render the page with the gallery showing ``// the requested image (statically!)``...``}``} What's rendered is an HTML snapshot, that is a static version of the gallery already positioned on the requested image (server side).
To make it perfect we have to give the user a chance to bookmark the current gallery image.
90% comes for free, we have only to parse the fragment on the client side and show the requested image if (window.location.hash)``{``// NOTE: remove initial #``var fragmentParams = window.location.hash.substring(1).split(``'='``);``var imageToDisplay = fragmentParams[1]``// Render the page with the gallery showing the requested image (dynamically!)``...``} The other option would be to look at a recommendation engine to show a small selection of related products instead. This would cut the total number of related products down. The concern with this one is we are removing a massive chunk of content from he existing pages, Some is not the most relevant but its content. Any advice and discussion welcome 🙂0 -
4 questions about a paragraph of SEO friendly text in my e-com websites header.
Hi guys, I'm trying to understand the SEO behind our websites header. www.mountainjade.co.nz As you can see we have a paragraph of relevant introductory text that is also SEO friendly in our header. What I would like some help with is understanding how google views and assigns 'juice' to information like this in the header or footer of a website. Usually certain pages have content specific to a given topic, and google ranks these pages accordingly. But with a websites header / footer its content appears on every page as the header is always at the top and footer at the bottom. 1. In what way does my website benefit from the paragraph of text in the header? e.g at the domain level? Just the home page? etc etc 2. How does google assign 'juice' to the paragraph of text? (similiar to Q1). 3. How would my website be effected if I moved the text to the footer? (Aesthetic change) 4. When I 'inspect element' on the paragraph, it is labelled 'div id=site description.' Can someone please explain the relevance of a sites description to SEO for me. This paragraph of text was in the websites header before I came onboard, and I've been too concerned to change / move it as I don't know enough about it. Any help would be appreciated! Thanks team, Jake
Intermediate & Advanced SEO | | Jacobsheehan0 -
How correcttly redirect to http://m.mobile.com website
Hi everyone, I will appreciate if you will drop here a piece of script ( or link to ) for CORRECT redirection for our http://m.mobile.com website. We are confused what type of redirection should we use java script, htaccess, php, 301, 302....? in order not to damage any rankings and etc... Thanks
Intermediate & Advanced SEO | | Webdeal
webdeal0 -
Websites with same content
Hi, Both my .co.uk and .ie websites have the exact same content which consists of hundreds of pages, is this going to cause an issue? I have a hreflang on both websites plus google webmaster tools is picking up that both websites are targeting different counties. Thanks
Intermediate & Advanced SEO | | Paul780 -
Is there a FastTrack to re-index? a site?
Hello... i just started with a new client this week, before working with us his last domain-hosting-webdev provider cancel their account and took off the entire site and left them with a nice "under construction page" (NOT) and added the noindex, nofollow tags. 4 weeks after that, we come into the scene and of course our client it's expecting us to reinsert at least for branded terms the site, and he wants it done on a matter of hours... I tried my best to explain that it's not possible and we are doing everything we can't.... now i ask you guys.. I already created de GWT account, Created a well structured Sitemap and submitted it to google and bing, did the onpage optimizitation at least the basics... there is a way to speed up the process? kind of like "hey you! google bot, forget about the noindex nonsense a come crawl again?" Any help would be great Daniel
Intermediate & Advanced SEO | | daniel.alvarez0