HTTP & HTTPS
-
what is best recommended when some of the pages on site goes from HTTP to HTTPS: 301 redirection or 302 redirection?
and why?thank you
I was asked to elaborate so:
on my website I have open account pages. users are asked to fill the details. those page are secured and are HTTPS. the problem is that the whole website turned to HTTPS so they redirected most of the pages from HTTPS to HTTP.
the secured pages are redirected from HTTP to HTTPS.I wanted to check if it's correct and what is the best redirection way (301 or 302)
-
It could be this easy
http://kb.sucuri.net/cloudproxy/Configuration/how-to-enable-SSL
-
The answer is 301 redirect however you would ideally like your chosen and page either non-www.or www.so
Or
To be a 200
Here is an example of an HTTPS:// website and the headers it returns when run through this tool that will give you your answer.
http://www.feedthebot.com/tools/headers/test.php
The site I am referencing is using www. so I put the URL with the www.the tool referenced below the headers it will give me a 200 okay
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jun 2014 15:38:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
If I put the same URL from the same website into this tool but do not include www.
I receive this
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 17 Jun 2014 15:39:53 GMT
Content-Type: text/html
Keep in mind you will get a lot more information but you are really should only care about what it says after HTTP/1.1
Useing
http://www.feedthebot.com/tools/headers/test.php
Like the others though I am concerned as to how you are going to make this change.
What company are you buying the SSL certificate from? What is your hosting company? Many times these things are implemented via the hosting, load balancer, WAF etc.
There are so any ways to implement https://
that in less you elaborate a little bit more on your server architecture for instance if you could tell me for using a CMS in your hosting company that would be a big step in the right direction.
Are you using load balancers?
Are using a WAF
or CDN to carry the SSL Cert?
I strongly suggest you reference this information about redirection
http://moz.com/learn/seo/redirection
This great blog post by Cyrus Shepard
http://moz.com/blog/save-your-website-with-redirects
SSL if you are familiar with Regex I would strongly recommend taking a look at this great information provided by WP engine that can be used on WordPress platforms in addition to other platforms as well.
http://wpengine.com/support/regex/#ssl
If you are using a WAF (I do not recommend CloudFlare regardless I know that you would be using a similar tactic shown here depending on the WAF or cloudproxy)
sincerely,
Thomas
-
In my mind the answer is complicated and depends a lot on your site structure and how your cms or website handles https.
Case in point, if you go to a https page on your site and all of the links pointing out from that page are to https pages, but the pages are redirected to http pages I would consider that bad. The way some sites are written, they just use the same protocol that the current page uses no matter what, so you would have to redirect the links on the page to the non secure pages, I would use a 302 in that instance. At the same time if it is possible I would see if this can be corrected, because it is not proper. The same happens a lot going from non-secure to secure with some platforms as well.
This site has an example of what I mean. http://junglejumparoo.com/product/jungle-jumparoo/ If you add the product to the cart, then hover over the checkout button, it is http, but clicking it redirects you to https. Then on the next page, if you mouse over the menu, you will notice that all of the links are https now. That is handling ssl incorrectly, but in that case I would use a 302 redirect I guess.
Doing the redirect is a quick fix, but as a long game I would try to fix the issue itself and not do a redirect.
-
I think you may need to elaborate a little on your question as to why the page goes from http to https ie for a cart checkout etc?
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
I want to set different price type for India and USA through schema. for eaxmple website is abc.com & there is no cookie/country level redirection.
I am currently working on a website (Ed tech) that is doing business in India as well as USA. The courses are same. Content being served is also same. There is no cookie level redirection. The only difference is in the price range and price type. In schema we have set price type as $. We want to set different price type for India and USA through schema. How can we do this? For example given below website ranks for India & USA with the same domain name but prince range that we can setup either in INR or USA
Technical SEO | | DJ_James0 -
Amp page development issue
Hi everyone currently developing an amp version of my website it validates with no errors, however my <a name="blah"></a>some blah does not work for amp any ideas
Technical SEO | | livingphilosophy0 -
Bigcommerce only allows us to have https for our store only, not the other pages on our site, so we have a mix of https and http, how is this hurting us and what's the best way to fix?
So we aren't interested in paying a thousand dollars a month just to have https when we feel it's the only selling point of that package, so we have https for our store and the rest of the site blogs and all are http. I'm wondering if this would count as duplicate content or give us some other unforeseen penalty due to the half way approach of https being implemented. If this is hurting us, what would you recommend as a solution?
Technical SEO | | Deacyde0 -
Google dropping pages from SERPs even though indexed and cached. (Shift over to https suspected.)
Anybody know why pages that have previously been indexed - and that are still present in Google's cache - are now not appearing in Google SERPs? All the usual suspects - noindex, robots, duplication filter, 301s - have been ruled out. We shifted our site over from http to https last week and it appears to have started then, although we have also been playing around with our navigation structure a bit too. Here are a few examples... Example 1: Live URL: https://www.normanrecords.com/records/149002-memory-drawings-there-is-no-perfect-place Cached copy: http://webcache.googleusercontent.com/search?q=cache:https://www.normanrecords.com/records/149002-memory-drawings-there-is-no-perfect-place SERP (1): https://www.google.co.uk/search?q=memory+drawings+there+is+no+perfect+place SERP (2): https://www.google.co.uk/search?q=memory+drawings+there+is+no+perfect+place+site%3Awww.normanrecords.com Example 2: SERP: https://www.google.co.uk/search?q=deaf+center+recount+site%3Awww.normanrecords.com Live URL: https://www.normanrecords.com/records/149001-deaf-center-recount- Cached copy: http://webcache.googleusercontent.com/search?q=cache:https://www.normanrecords.com/records/149001-deaf-center-recount- These are pages that have been linked to from our homepage (Moz PA of 68) prominently for days, are present and correct in our sitemap (https://www.normanrecords.com/catalogue_sitemap.xml), have unique content, have decent on-page optimisation, etc. etc. We moved over to https on 11 Aug. There were some initial wobbles (e.g. 301s from normanrecords.com to www.normanrecords.com got caught up in a nasty loop due to the conflicting 301 from http to https) but these were quickly sorted (i.e. spotted and resolved within minutes). There have been some other changes made to the structure of the site (e.g. a reduction in the navigation options) but nothing I know of that would cause pages to drop like this. For the first example (Memory Drawings) we were ranking on the first page right up until this morning and have been receiving Google traffic for it ever since it was added to the site on 4 Aug. Any help very much appreciated! At the very end of my tether / understanding here... Cheers, Nathon
Technical SEO | | nathonraine0 -
Implementation of rel="next" & rel="prev"
Hi All, I'm looking to implement rel="next" & rel="prev", so I've been looking for examples. I looked at the source code for the MOZ.com forum, if anyone one is going to do it properly MOZ are. I noticed that the rel="next" & rel="prev" tags have been implemented in the a href tags that link to the previous and next pages rather than in the head. I'm assuming this is fine with Google but in their documentation they state to put the tags in the . Does it matter? Neil.
Technical SEO | | NDAY0 -
Does img src="http: count as a link?
Hi All I have looked in WMT and it says I am getting a lot of links from 1 affiliate - they have 100,000 pages on their site but GWT is showing me 200,000 links from their domain - each of their pages has the following code. Mysite I think we have Nofollowed the link but does the img src="http://www.site.co.uk/affiliate/affiliation-images/470x80.gif also act as a link and if so do I need to Nofollow that too? The image is stored on our server so the affiliate is linking to the banner image on our server. Would something such as this affect my rankings in a negative way? Thanks
Technical SEO | | MotoringSEO1 -
Photography Sites with Same Developer - Why Is One Ranking & Other Not?
I'm currently confused about the difference in ranking between two competing sites, created by the same agency. http://jmayphoto.com/index2.php#!/home (302 redirected from http://jmayphoto.com...yeah) is not ranking well, and I'm not surprised. However, competitor http://www.shanrenee.com/ is ranking within the top 5 spots for a primary target keyword (dallas wedding photographer) and I don't understand how it's doing so well. I definitely see differences, but not enough to explain how Shan Renee is one page. What am I missing?
Technical SEO | | BrittanyHighland0 -
Websites being hacked & duplicated, what should we do?
Hi, please help! Our website was hacked and being totally duplicated. They even injected codes to intercept our orders. Although the codes issue had been solved, still there're two mirror sites out there. When search for some of our key words, they even have good ranks. What exactly can we do to let Google ban those two sites. Thanks in advance!
Technical SEO | | Squall3150