Https & http
-
I have my website (HTTP://thespacecollective.com) marked on Google Webmaster Tools as being the primary domain, as opposed to https. But should all of my on page links be http?
For instance, if I click the Home button on my home page it will take the user to http, but if you type in the domain name in the address bar it will take you to https.
Could this be causing me problems for SEO?
-
Thank you!
-
Yes, you should have both active in Search Console, but set the HTTPS to the preferred.
-
You will continue to have both http and https variants active in Google Search Console (you should also add the non www variants and set www as your preferred version).
You do not set anything up within GSC to direct HTTP to HTTPS (to tell Google that you are changing protocols), this is all done via redirects as Logan suggests. Here's a great page which should help clarify this for you:
http://webmasters.stackexchange.com/questions/68435/moving-from-http-to-https-google-search-console
-
Thanks for the additional info but I think you missed my question. Please see the attached image.
I have HTTP and HTTPS set up on Google Search Console. Which one should I be using, or should both be active?
-
Yea, as the bots hit the URLs on your sitemap, it forces them to step through the redirect, which is what you want. They won't notice the new location if you don't point it out to them, and this is the most efficient way to do so.
*To be clear, since this gets confusing in, the URL of the location of your XML should be HTTPS://thespacecollective.com/sitemap.xml, but the URLs listed in it should be HTTP.
Also, add this line to your robots.txt file, as the first line or last line, doesn't really matter:
-
Thanks Logan. Now I have two sites set up in the Google Search Console, http and https. The http version has the sitemap and pretty much everything set up, should I just keep using this even though the site will now be https?
-
When you set up the 301 redirect rule that sends HTTP requests to HTTPS, Google will notice that. Leave your XML sitemap the way it is (with HTTP URL references) for 30 days. This will give them sufficient time to crawl your XML sitemap and learn your new protocol as they hit the redirects. Once most of your indexed pages have switched to HTTPS, you can update your XML to include the secure URLs.
-
Thank you for the links, I have read through each and have decided to change to HTTPS as you advise. I've done everything with the exception of informing Google that the new site is https as opposed to http. How do I make them aware?
I have set up http and https in Webmaster Tools, but how do I tell Google which one is relevant in order to stop any duplicate content issues?
-
From what I understand, you're already decided to split your traffic between HTTP and HTTPS. If this is correct, I would urge you to reconsider and redirect all traffic toward HTTPS versions as there are more issues to consider other than duplicate content, particularly as you are an e-commerce store. The latest (and future) versions of Chrome and Firefox will more clearly highlight unsecured connections. This is from Google's security blog: (https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html?m=1)
"In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS."
Chrome is the world's most popular browser, used by over 50% of all internet users. If your site is displaying a red triangle with the words 'Not Secure' next to it on ANY page on your site is going to turn visitors away. If over half you your visitors are receiving such a message the consequences will not be good.
Google are pushing users toward HTTPS (https://moz.com/blog/https-tops-30-how-google-is-winning-the-long-war) so I would suggest that it's a mis-step to swim against the tide.
There are also other minor benefits to serving all of your pages via HTTPS; it's a minor ranking signal and better support for browser compression, among others.
Here's another article that covers the recent changes.
https://www.searchenginejournal.com/google-is-requiring-https-for-secure-data-in-chrome/183756/
However you proceed, I hope this goes smoothly for you.
Good luck.
-
Perfect, thank you. I'm doing this as we speak!
-
Rolling back to HTTP for non-checkout pages is an option as well. The main point I was trying to make was to not have both versions of your URLs accessible/indexable.
-
Thanks for this Logan. Surely it makes more sense for me to simple change my website to HTTP and just keep Cart/Checkout, etc. as HTTPS? I see changing to HTTPS as a big risk and a lot of unnecessary work for very little benefit.
-
Hi,
Both versions HTTP and HTTPS of your site will render, that's a problem. Since you've got an SSL and it's been applied to the home page, you should make your entire site secure. Once you've done that, you'll want to apply a redirect rule that sends all HTTP requests to the HTTPS version. Because you're not currently doing that, you're running the risk of duplicate content issues. Once you've done that, yes, you should set the primary domain in Google Search Console (WMT) as HTTPS. There's a few other steps you'll want to take as well - Cryus Shepard wrote a great post detailing all necessary steps for secure migration, I highly recommend reading that.
Additionally, when people on your site are bouncing back and forth between HTTP and HTTPS, it's destroying your data integrity in Google Analytics. Going from a HTTP page to a HTTPS page breaks the session, and starts a new one that will be attributed to direct traffic. You can see how this would quickly become a nightmare for accurate analysis and measurement. If you follow the steps in Cyrus' post, your GA data should return to normal because users won't be going back and forth from secure to non-secure.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
No Follow & Rel Canon for Product Filters
Our site uses Canonicals to address duplicate content issues with product/facet filtering. example: www.mysite.com/product?color=blue Relcanon= www.mysite.com/product However, our site is also using no follow for all of the "filters" on a page (so all ?color=, etc. links are no follow). What is the benefit of utilizing the no follow on the filters if we have the rel canon in place? Is this an effort to save crawl budget? Are we giving up possible SEO juice by having the no follow and not having the crawler get to the canonical tag and subsequently reference the main page? Is this just something we just forget about? I hope we're not giving up SEO juice by
Technical SEO | | Remke0 -
Fundamental HTTP to HTTPS Redirect Question
Hi All I'm planning a http to https migration for a site with over 500 pages. The site content and structure will be staying the same, this is simply a https migration. Can I just confirm the answer to this fundamental question? From my reading, I do not need to create 301 redirect for each and every page, but can add a single generic redirect so that all http references are redirected to https. Can I just double check this would suffice to preserve existing google rankings? Many Thanks
Technical SEO | | ruislip180 -
Drupal, http/https, canonicals and Google Search Console
I’m fairly new in an in-house role and am currently rooting around our Drupal website to improve it as a whole. Right now on my radar is our use of http / https, canonicals, and our use of Google Search Console. Initial issues noticed: We serve http and https versions of all our pages Our canonical tags just refer back to the URL it sits on (apparently a default Drupal thing, which is not much use) We don’t actually have https properties added in Search Console/GA I’ve spoken with our IT agency who migrated our old site to the current site, who have recommended forcing all pages to https and setting canonicals to all https pages, which is fine in theory, but I don’t think it’s as simple as this, right? An old Moz post I found talked about running into issues with images/CSS/javascript referencing http – is there anything else to consider, especially from an SEO perspective? I’m assuming that the appropriate certificates are in place, as the secure version of the site works perfectly well. And on the last point – am I safe to assume we have just never tracked any traffic for the secure version of the site? 😞 Thanks John
Technical SEO | | joberts0 -
Desktop in http and mobile in https
Any experience or advice you can share of having a mix set of pages/urls in one site/domain https and http e.g. mobile in https and desktop in http , (desktop version) http://mydomain/product1 (mobile version)https://m.mydomain.com/product1 att the same time some mobile pages still in http://m.mydomain.com/sectionA/ thanks
Technical SEO | | arnoldcr0 -
Google how deal with licensed content when this placed on vendor & client's website too. Will Google penalize the client's site for this ?
One of my client bought licensed content from top vendor of Health Industry. This same content is on the vendor's website & my client's site also but on my site there is a link back to vendor is placed which clearly tells to anyone that this is a licensed content & we bought from this vendor. My client bought paid top quality content for best source of industry but at this same this is placed on vendor's website also. Will Google penalize my client's website for this ? Niche is HEALTH
Technical SEO | | sourabhrana1 -
URL Structure & SEO - Should we be using sub-folders?
Hi all, As part of our content marketing efforts we have run a number of initiatives in the past and created pages on the website to go along with them (also where the links for these particular projects point to). However, the URL structure isn't actually a reflection of where the pages sit on the site. Unfortunately I'm unable to provide a URL for reasons I won't bore you with, but here's an example: We recently ran a competition that was very successful in generating links. The URL for this is www.domain.co.uk/competition. However, the page actually sits within the About Us section - which is where all of our news and content marketing pages go - and uses a URL override. How much of an issue is this in regards to A) Our SEO in general?; and B) Ensuring we receive as much equity from the links we earn as possible? A brief explanation of what URL overrides actually are would also be useful! (We have a digital marketing agency who handle most of our SEO) Thanks in advance guys! John
Technical SEO | | NAHL-14300 -
YouTube & Google + Pages
Hello, Has anyone had luck associating their Google + business page with their YouTube channel? Our YouTube page is associated with our Google + profile (and we would like it to be associated with the Google + business page.) There are numerous articles out there that Google is working on an update to allow the Channel/Google+ business page association but I am wondering if there is news we might have missed. Or if there is a way to get around it? We want to implement video on some site pages and would rather use YouTube code as opposed to customizing a solution. Do most folks think Google will have an easy solution once it at arrives? Meaning if you upload videos to your channel that is currently associated with the profile page, do you think there will be a way to convert everything over to a Google + business page once they unveil an update. Thank you!
Technical SEO | | SEOSponge0 -
Iframes & SEO
I've got a client that wants a site with all content in iFrames. They saw another site they liked & asked if we could do it. Of course we can technically. How big a negative hit would they take with SEO? Is there anything we can do to mitigate it, such as redirects, etc? Thanks for the help!
Technical SEO | | wcksmith0