Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Adding https version of website: how best to redirect
-
If I have 4 versions of my site
http://www
http://
https://www
https://What is the best way to redirect without losing seo positions? i have been mainly using http://www but have recently added my ssl so https works also. I heard at Moz Con that I should get the https working.
All of my marketing and ads are going to http://www
301 redirect 3 of them? Which 3? If https is becoming important, should that be my main url? will it hurt my seo to switch?
Thank you so much in advance!
-
I see you added the certificate but you didn’t force https
flow the guide and make sure it all 4 URLs point to the (redirects) to https://www
you can do it in no time with cloudflare then check it with
https://varvy.com/tools/redirects/
hope that helps,
tom
-
I have not already 301'd the site to https. But either url works since I turned on the ssl at my host.
I will check into the Cloudflare.
-
Did you allready 301 the site to https?
if so I would updat the URLs & then follow the instructions
if https is in google index I would fix it with a search & replace or CloudFlare (the 1 thing on the list is this url https://raventools.com/blog/free-ssl-http2/ use it if it’s something you want to have do the work
-
So you recommend just going forward with the https switch even though I have not done all the things on the checklist?
-
If it’s hand coded use a text editor & search for http replac with https if using Dreamweaver it has a full site wide search and replace.
-
Definitely don’t panic and you’re not in trouble. What I would do for his run a search and replace on the URL‘s if you’re running a non CMS site find a search & replace CLI or script that works with the code you’re site was made with if you’re hosting company is managing the site ask them for help
run the search & replace to fix the URL‘s
one way is to just add CloudFlare.com for free and use the felxable cert
if your on a CMS like wordpress you can use a plugin like better search & replace
-
I may have made a mess for myself. I turned on the ssl a couple of weeks ago (2-3) but didn't do the other things first. Should i remove the ssl from my site until I go through the checklist? I am starting to panic, hoping i have not gotten myself into big trouble.
My internal links, ads, canonical urls all still use http.
-
Thank you
-
See
Aleyda Solis The HTTP to HTTPs Migration Checklist in Google Docs to Share, Copy & Download & the SEMrush guide
- https://www.aleydasolis.com/en/search-engine-optimization/http-https-migration-checklist-google-docs/
- https://docs.google.com/spreadsheets/d/1XB26X_wFoBBlQEqecj7HB79hQ7DTLIPo97SS5irwsK8/edit#gid=1975121463
- https://www.semrush.com/blog/http-to-https-a-complete-guide-to-securing-your-website-semrushchat/
Hope this helps,
Tom
-
Honestly, the way you set up a 301 is much more dependent on the server like Apache and Nginx then it is on a CMS
if you are looking for one I would recommend using WordPress or Drupal for a CMS If you're thinking of switching WordPress is much more user-friendly slightly quicker and many many more developers are available to help with it.
Tom
-
Also James telling somebody to add HSTS with preload is extremely dangerous unless they know without a doubt that their redirects are set up properly it will keep them in the browser improperly for up to six months your advice is to simply add H STS with preload and it was abundantly clear that this person knew that the four URLs were what was to choose from. I included the completed 2 to 5-page references for a complete package.
"After a period of time - and rankings seem ok . - you can implement oscp stapling and some server wide HSTS. and submit to teh preload directory. "
For the record do not employ HSTS with preload until you have determined that all your subdomains if you have any, are going to have HSTS in addition that all your redirects are completely perfect and the way you want them. I would check using a tool called screaming frog Seo spider or my personal favorite deepcrawl.com
**Your rankings could be just fine and it would not necessarily show that you have a redirect chain permanently embedded for six months in your set up in less you check it first. **
"OCSP stapling is an alternative approach to the original Online Certificate Status Protocol (OCSP) for determining whether an SSL certificate is valid or not. It does this by allowing the web server to query the OCSP responder (a certificate authority’s server dat listens for OCSP requests) and then caches the response__. This allows the web server to check the validity of its certificates and eliminates the need for the client to contact the certificate authority"
OCSP can and should be implemented at the time of employing the SSL certificate
Tom
-
James,
I don't want to be rude saying this but it sounds like you're telling me the basics of search engine optimization redirects and telling me I did not include it in my response?
I appreciate you pointing out how you read my comment and definitely appreciate your feedback. But if it came across as me telling them to create infinite redirects I am asking you to please read it again. don't you believe I read the whole post because I'm not talking about the proper protocol?
HTTPS is known as TLS / SSL or Hyper Text Transfer Protocol Secure (HTTPS)
A lot of the terminology you're using is not relevant to the question because once again I provided with them with the code to actually implement this check it for problems and fix what was broken I don't know exactly why you chose to tell me I did it incorrectly but if you would like to outline exactly how I did this incorrectly I would be more than happy to read it as I always open to constructive conservativism
"http://www
http_://_
https://www
https://What is the best way to redirect without losing SEO positions?"
**My answer was a use www. with HTTPS **
**You need to redirect you're an entire site to whatever canonical your considering use the www. it might be smart to just add the HTTPS://www. and continue with the www. **
Set you're preferred domain (www or non-www) as I do not have their URL I cannot look at rather or not they have a 301 redirects chained as you seem to be implying? But don't worry I took care of it at the end I said please check all this with this tool https://varvy.com/tools/redirects/ that would show any redirects that were forming a redirect chain.
James, I apologize if it was hard for you to follow I thoroughly believe that I gave them everything that they needed to complete the project and I am always here to answer questions.
If you are asked by anybody that present you with four URLs which one they should go with and how they should go about redirecting it I would hope it you would not write what you had written to me.
I am also the only one who gave third-party references and tools to accomplish this task.
I wish you the very best,
Tom
-
It does not matter if you have a CMS or not
You need to redirect your entire site to whatever canonical you want considering use the www. it might be smart to just add the HTTPS and continue with the www. or
Set you're preferred domain (www or non-www)
USE:
https://www.aleydasolis.com/htaccess-redirects-generator/ to make the code needed or use the code below to force HTTPS
HTTP to HTTPS
If your web server is running Apache, you can easily redirect all of your HTTP traffic to HTTPS by adding the following code to your
.htaccess
is the recommended method for redirecting a site running on Apache.<code class=" language-php">RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]</code>
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]</ifmodule>If your web server is running Nginx, you can easily redirect all of you're HTTP traffic to HTTPS by adding the following code to you're Nginx config file. This is the recommended method for redirecting servers running on Nginx
<code class=" language-php">server { listen 80; server_name domain.com www.domain.com; return 301 https://domain.com$request_uri; }</code>
Set you're preferred domain (www or non-www)
https://support.google.com/webmasters/answer/44231
No-WWW
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.example.com$
RewriteRule (.*) https://example.com/$1 [R=301,L]</ifmodule>WWW
<ifmodule mod_rewrite.c="">RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule (.*) https://www.example.com/$1 [R=301,L]</ifmodule>one of the best guides on how to add HTTPS
https://www.keycdn.com/blog/http-to-https/
https://kinsta.com/knowledgebase/redirect-http-to-https/
https://www.sslshopper.com/apache-redirect-http-to-https.html
The following will differ from platform to platform. In this example, we will show you how to update your URL. We recommend using a free tool from Interconnect IT called “Database search and replace script in php.” You could run update queries yourself, but there are a lot of tables and metadata fields you will probably miss unless you have an exact list.
We recommend doing dis on a dev server and moving it back, or at least backing up you're database first to be safe as this script does grab your local database credentials. Simply drop their program into the root of your site via FTP. Then browse to it in your browser. (We named our folder “search-replace-db”)
You can tan insert what you want to replace. Make sure you enter all of the formats you have mixed and matched over the years such as:
-
http://mydomain.com
tohttps://mydomain.com
-
http://www.mydomain.com
tohttps://www.mydomain.com
Check it with
Redirect mapper | A tool that checks redirects from different versions of ...
<cite class="_Rm">https://varvy.com/tools/redirects/</cite>
Hope this helps,
Tom
-
-
Thanks James. I don't have a CMS. My pages are all hand coded html pages. (would dearly love to switch to a cms in the future since i have over 100 pages). Does your advice change in anyway?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
I have a question about the impact of a root domain redirect on site-wide redirects and slugs.
I have a question about the impact (if any) of site-wide redirects for DNS/hosting change purposes. I am preparing to redirect the domain for a site I manage from https://siteImanage.com to https://www.siteImanage.com. Traffic to the site currently redirects in reverse, from https://www.siteImanage.com to https://siteImanage.com. Based on my research, I understand that making this change should not affect the site’s excellent SEO as long as my canonical tags are updated and a 301 redirect is in place. But I wanted to make sure there wasn’t a potential consequence of this switch I’m not considering. Because this redirect lives at the root of all the site’s slugs and existing redirects, will it technically produce a redirect chain or a redirect loop? If it does, is that problematic? Thanks for your input!
Technical SEO | | mollykathariner_ms0 -
Http to https redirection issue
Hi, i have a website with http but now i moved to https. when i apply 301 redirection from http to https & check in semrush it shows unable to connect with https & similar other tool shows & when i remove redirection all other tools working fine but my https version doesn't get indexed in google. can anybosy help what could be the issue?
Technical SEO | | dhananjay.kumar10 -
Best Practice on 301 Redirect - Images
We have two sites that sell the same products. We have decided to retire one of the sites as we'd like to focus on one property. I know best practice is to redirect apples to apples, which in our case is easily done since the sites sold the same thing. www.SiteABC.com/ProductA can be redirected to www.SiteXYZ.com/ProductA. My question is how far does that thinking go regarding images? Each product has a main product page, of course, and then up to 6 images in some cases. Is it necessary to redirect www.SiteABC.com/ProductA-Image1.jpg to www.SiteXYZ.com/ProductA-Image1.jpg? Or can they all be redirected to just the product page?
Technical SEO | | Natitude0 -
What to do with 302 redirects being indexed
Hi there, Our site's forums include permalinks that for some reason uses an intermediary URL that 302 redirects to the URL with the permalink anchor. For example: http://en.tradimo.com/learn/chart-analysis/time-frames/ In the comments, there is a permalink to the following URL; en.tradimo.com/co/50c450005f2b949e3200001b/ (there is no content here, and never has been). This URL 302 redirects to the following final URL: http://en.tradimo.com/learn/chart-analysis/time-frames/?offset=0&limit=20#50c450005f2b949e3200001b The problem is, Google is indexing the redirect URL (en.tradimo.com/co/50c450005f2b949e3200001b/) and showing duplicate content even though we are using the nofollow tag on these links. Ideally, we would directly use the last link rather than redirecting. Alternatively, I'd say a 301 redirect would be preferable. But if both aren't available, is there a way to get these pages out of the index? Is the canonical tag the best way? I really wish I could just add /co/ to the robots.txt file, but I think they would still be in the index, right? Thanks for your help!
Technical SEO | | etruvian0 -
Google Cache Version and Text Only Version are different
Across various websites we found Google cache version in the browser loads the full site and all content is visible. However when we try to view TEXT only version of the same page we can't see any content. Example: we have a client with JS scroller menu on the home page. Each scroller serves a separate content section on the same URL. When we copy paste some of the page content in Google, we can see that copy indexed in Google search results as well as showing in Cache version . But as soon as we go into Text Only version we cant see the same copy. We would like to know which version we should trust, Google cache version or the TEXT only version.
Technical SEO | | JamesDixon700 -
302 or 301 redirect to https ?
I am redirecting whole site to https. Is there a difference between 302 or 301 redirect for seo? Site never been indexed. Planning to do that with .htaccess command RewriteCond %{HTTPS} !=on
Technical SEO | | Kotkov
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] There are plenty of ways http://www.askapache.com/htaccess/ssl-example-usage-in-htaccess.html Which way would be the best? Thanks is advance0 -
How do you disallow HTTPS?
I currently have a site (startuploans.org) that runs everything as http, recently we decided to start an online application to process loan apps. Now, for one certain section we configured ssl to work (https://www.startuploans.org/secure/). If I go to the HTTPS url for any of my other pages they show up...I was going to just 301 everything from https but because it is in a subdirectiory I can't... Also, canonical URL's won't work either because it's a totally different system and the pages are generated in an odd manor. It's really just 1 page that needs to be disallowed.. Is there any way to disallow all HTTPS requests from robots.txt while keeping all the HTTP requests working as normal?
Technical SEO | | WebsiteConsultants0 -
What is best practice for redirecting "secondary" domain names?
For sites with multiple top-level domains that have been secured for a business or organization, I'm curious as to what is considered best practice for setting up 301 redirects for secondary domains. Is it best to do the 301 redirects at the registrar level, or the hosting level? So that .net, .biz, or other secondary domains funnel visitors to the correct primary/main domain name. I'm looking for the "best practice" answer and want to avoid duplicate content problems, or penalties from the search engines. I'm not trying to game the system with dozens of domain names, simply the handful of domains that are important to the client. I've seen some registrars recommend hosting secondary domains, and doing redirects from the hosting level (and they use meta refresh for "domain forwarding," which I want to avoid). It seems rather wasteful to set up hosting for a secondary domain and then 301 each URL.
Technical SEO | | Scott-Thomas0