RE: For URLs that require login, should our redirect be 301 or 302?

Thanks - so the 302 redirect suggests the page has moved temporarily, which it has not. It simply cannot be accessed until a login. Is that considered "moved temporarily?" Since it will be accessible with a login, is that considered a temporary move? I will absolutely make pages that require login noindex. Should I make them nocrawl as well?

We have a login required section of our website that is being crawled and reporting as potential issues in Webmaster Tools. I'm not sure what the best solution to this is - is it to make URLs requiring a login noindex/nocrawl? Right now, we have them 302 redirecting to the login page, since it's a temporary redirect, it seems like it isn't the right solution. Is a 301 better?

Looks to me like someone added some kind of SEO tracker to the footer at some point that no one else was aware of. Have you tried installing Ghostery and seeing if it shows up as a tracker? I agree with the other commenter that it is almost certainly not an SEO issue, and that you should be safe removing it.

I'm not a netsec expert or a technical SEO expert, but I'm running SEO for my company and have been looking into this for a while now. The tips I can give you are: add rel="canonical" tags to all the http:// versions of your site pointing to the https:// version. Once you get an SSL certificate, make sure to claim all 4 variations of your URL (http://, http://www., https://, https://www.) in webmaster tools and designate which is canonical (this will just make sure the Googlebot knows which is canonical, you'll still want to add the tag to your site pages). Finally, make sure that if you do decide to switch to HTTPS:// (which I highly recommend - some people, myself included, now instinctively use https:// over http:// and if someone points a link at https:// when you aren't using it, Chrome will display a yellow warning interstitial and a red X over the https:// in the address bar), get an SHA-2 certificate, rather than SHA-1, as Google is sunsetting it in the next year. To the comment on page load speed - Https:// slows page load down, but generally not by a substantial amount (also, there are plenty of other ways to address page load time that can offset the hit, and if you've already done all that, the page load hit won't hurt you, since you're in better shape than everyone else). Also, while Google's incorporation of https:// as a signal so far has not seemed to impact results much, it's a near certainty that, based on Google's current behavior, it will become less of a signal and more of a necessity, and as more websites adopt it, the less the slight page load hit will matter. Websites are essentially required to adopt it sometime in their lifecycle, as growth makes security much more of a concern.

Further reading on SHA-1 and SHA-2:

https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1

http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html

For SEO purposes, either structure will work so long as it's clear where in the site navigation the page is, since it will just be making it easier for the site to be crawled. For optimizing for sales, the other commenters are right in that you are getting bogged down in things that aren't going to substantially impact customer behavior. Really the only thing you should be worried about with your URL in terms of conversion is whether you are using SHA-2 (people trying to come to an https:// version of your site will get a warning and no green reassurance in the address bar, and a red warning in the address bar if you aren't using SSL at all) and whether a visitor could look at the URL and have a good idea of what the content of that page is. Beyond that, you're optimizing at the extreme margins.

However, if you really do want to attempt to optimize your URLs to an extreme, it really depends on your site structure. If the entirety of the website is a store, then the /shop/ subdirectory is unnecessary. If you have a store as a part of your website, a subdirectory of /shop/ or /store/ or something like that would be helpful in indicating where in the site the URL is pointing. Similarly, having a product subdirectory makes sense if you have multiple categories of products (in your case, say you had both vitamins and paleo cooking ingredients, each with multiple SKUs within the product category). However, if your store only has 9 SKUs, all of which are vitamins, /products/vitamins is unnecessary for indicating where in the site you are (or, you could use /products/ to direct to a page listing all 9 SKUs, in which case the /products/keyword would ultimately turn into products/nameOfProduct).

If you have a site that has a store with multiple product categories all with multiple SKUs, you could consider /store/products/keyword as a format, although that starts to get a bit long. Have you considered using a store.website.com subdomain?

My URL process is: Is it the best indicator of where in the site navigation the visitor is? In most cases, this should mean it indicates that they are in a store, where in the stores navigation they are, and what item they are looking at (keyword). If that's true, then it's a good URL. Secondary concern is keeping the URL from being too long, aim for the most concise but clear indication of where in your sites navigation the user is. The final piece of the URL string (that indicates the specific page the visitor is on) is where you can add the keyword you care about.