Http and https protocols being indexed for e-commerce website
-
Hi team,
Our new e-commerce website has launched and I've noticed both http and https protocols are being indexed.
Our old website was http with only the necessary pages running https (cart, checkout etc). No https pages were indexed and you couldn't access a https page if you manually typed it into the browser.
We outrank our competition by a mile, so I'm treading carefully here and don't want to undo the progress we made on the old site, so I have a few questions:
1. How exactly do we remove one protocol from the index? We are running on Drupal. We tried a hard redirect from https to http and excluded the relevant pages (cart, login etc from the redirect), but found that you could still access https pages if you we're in the cart (https) and then pressed back on the browser button for example. At that point you could browse the entire site on https.
2. Is the safer option to emulate what we had in place on the old website e.g http with only the necessary pages being https, rather than making the switch to sitewide https?
I've been struggling with this one, so any help would be much appreciated.
Jake S
-
Just checked my GA data and you're right. Referral data from mountainjade.co.nz is there. Thanks for the heads up.
I've decided to make the switch to https, so will be organising that with dev in the coming few weeks. I'll keep you posted!
Cheers for the help again Logan,
I owe ya.
-
Great!
I've decided to make the full switch to https now, rather than wait to do it.
I will report back and let you know how it all goes!
Thanks for your help Laura.
-
I don't know why this didn't cross my mind until now, but having both versions can also mess up your Google Analytics data. Going from one to the other (can't remember which direction) creates a new session. You've probably got a lot of self-referring traffic showing up in your reports.
-
Hey Bas,
My developers share your sentiment!
Both versions of the website can be accessed by both the customer and the bots, but because we use relative urls, it can switch between http and https is a single session. This is one example:
1. Land on the homepage from a google search (http homepage is indexed).
2. Browse site on http. Add something to cart. Go to cart.
3. Cart switches to https. Navigate out of cart back into website.
4. Now urls are all https because the links on our site are relative and don't specify a protocol (e.g customer is in cart and then wants to check contact us page, it's link when clicked is as follows [Contact](/contact us). So it pulls the https protocol as there is not http protocol specified in that contact us link.
Hmmm, it definitely could be effecting UX and conversion.
-
Ideally, you'll migrate the entire site to https, and Cyrus' guide is a good one. Google has some helpful info for an http to https migration at https://support.google.com/webmasters/answer/6073543?hl=en.
The canonical tag solution is for the situation where you can't or don't want to go ahead and switch the whole site over to https right away. Either way, make sure Google knows, either through 301-redirects or canonical tags, that the http and https versions are the same page.
-
Hi Laura,
Wow, when I said we have self referencing canonicals in place (through Drupal Yoast) I hadn't even thought that it could be applying a canonical to the https version of the site aswell.
I just crawled both http and https and as you're right, the following is happening:
http://example.com is canonicalized to http://example.com
https://example.com is canonicalized to https://example.com
But I'm a little confused. In my first post I was looking for help because google was indexing both http and https pages. Are you saying that it's because of these canonicals that google is indexing both? Would it index both even if I didn't have the canonicals in place but still had SSL?
Just to confirm, canonicalizing the http URLs to the https URLs will tell google to fold the http URLs into the https and only index the https version of the site? Would I need to follow the https migration guide by Cyrus when doing this, or is this not really a 'migration' to https as we're not forcing the customer to browse in https?
Bear with me!
-
I agree with the others. I think you should pick a horse and ride it. Indecision is only causing more confusion on Google's part and is going to hurt you in the long run. Google says they prefer HTTPS and I've seen evidence of that. You're already paying for an SSL so you might as well use it to the max.
As Laura said, if you've got self-referring canonical tags on both secure and non-secure URLs, you're setting yourself up for some pretty big issues.
-
Hi Jacob,
I understand the issue. I think that this way you're not making a decision where you really should:
Either you use non-ssl or either you use ssl. To continue with the both is a terrible situation: nobody really knows what the they are supposed to know.For instance: is it possible that someone starts on the thomepage (non-ssl), goes to a product page (ssl) and then to the shopping cart which is again non-ssl? If that is the case you should really check your conversion rate because that in itself might be very damaging as well.
Yours,
Bas -
When you say you currently have self referencing canonicals, is the following happening?
The page http://example.com is canonicalized to http://example.com.
The page https://example.com is canonicalized to https://example.com.
If so, this is the bigger problem because Google sees these as 2 different URLs and may index both of them. Furthermore, you could be splitting backlinks between 2 URLs unnecessarily. This duplicate issue may be part of the reason you saw organic traffic drop when you launched your new site.
If the HTTPS URLs are already being indexed by Google, go ahead and canonicalize the http URLs to the https URLs. In other words, http://example.com will canonicalize to https://example.com.
By setting up the canonical this way, Google will fold the two URLs together and correctly treat them as the same page.
-
Good morning Laura,
Thanks for the advice.
I've replied below to Logan giving a little context. If you could take a look and let me know your thoughts it would be a huge help.
-
Hi again Logan,
I've tossed up whether or not to make the full switch to https for a while now. I'll give you a little background so you understand my position:
When our new website launched, our organic search traffic took a dip of around 15%. It has taken around two months for it to recover (almost). We changed site structure out of necessity but followed best practise to ensure we didn't undo alot of the work we had done with the old website. With the 15% organic rankings dip we saw a corresponding dip in revenue, so what I don't want to do is muddy the waters anymore than they already are by adding more moving parts to the mix (migration / redesign / http to https). And we cannot risk another dip in revenue so close to the first which may come with a full https migration (do you think?).
This is why I'm leaning toward replicating what we had in place on the old website and only forcing https on the necessary pages.
Now that you understand my position, would you still recommend the switch to https? I would love to know your thoughts.
The catch with all of this is I'm not sure exactly how the http https was implemented on the old website. At that point in time I had no need to know.
We currently have self referencing canonicals which you know we need to maintain, particularly on product pages which use URL parameters. We are also using relative links across the entire website.
Therefore, what would be the best solution here? Down the rabbit hole we go...
Thanks for your time,
-
Hi Jacob,
Cyrus Shepard put together a great guide on HTTPS migrations. Since you've already got an SSL, you may as well apply it to the whole site and set your preferred domain as HTTPS (as Laura and Bas mentioned). In the guide, he details the best ways to ensure search engines index the version you want via 301 redirect rules, canonical tags, and XML sitemaps. Don't forget to set up Search Console properties for HTTPS - www and non-www versions and set your preferred domain there as well.
Run this query in Google to monitor what they've got in their index as the canonical domain: info:mountainjade.co.nz
-
Agree with Laura: better to let the https be indexed. Nice links by the way for this topic.
Bas
-
In your case, the best thing to do is set up canonical tags to let Google know which version of the URL should be indexed. That way, it doesn't matter if Google can access the https page, and you won't have the duplicate content problem that you have now.
I can't advise you on the best way to set this up with Drupal, but you'll need to be wary of any type of automatic canonical tags. You may end up with an "http" canonical link on the http page and an "https" canonical link on the https page. That doesn't solve the problem at all.
If you are not already familiar with canonical tags, you can learn more at the links below.
- https://support.google.com/webmasters/answer/139066?hl=en
- https://mza.seotoolninja.com/learn/seo/canonicalization
- https://webmasters.googleblog.com/2013/04/5-common-mistakes-with-relcanonical.html
By the way, I would set it up so that Google indexes the https version of your pages rather than the http version.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Same URL-Structure & the same number of URLs indexed on two different websites - can it lead to a Google penalty?
Hey guys. I've got a question about the url structure on two different websites with a similar topic (bith are job search websites). Although we are going to publish different content (texts) on these two websites and they will differ visually, the url structure (except for the domain name) remains exactly the same, as does the number of indexed landingpages on both pages. For example, www.yyy.com/jobs/mobile-developer & www.zzz.com/jobs/mobile-developer. In your opinion, can this lead to a Google penalty? Thanks in advance!
Intermediate & Advanced SEO | | vde130 -
Development/Test Ecommerce Website Mistakenly Indexed
My question is - relatively speaking, how damaging to SEO is it to have BOTH your development/testing site and your live version indexed/crawled by Google and appearing in the SERPs? We just launched about a month ago, and made a change to the robots text on the development site without noticing ... which lead to it being indexed too.So now the ecommerce website is duplicated in Google ... each under different URLs of course (and on diff servers, DNS etc) We'll fix it right away ... and block crawlers to the development site. But again, may general question is what is the general damage to SEO ... if any ... created by this kind of mistake. My feeling is nothing significant
Intermediate & Advanced SEO | | estampe1230 -
2 Duplicate E-commerce sites Risk vs Reward
Hi guys I have a duplicate content question I was hoping someone might be able to give me some advice on? I work for a small company in the UK and in our niche we have a huge product range and an excellent website providing the customer with a very good experience. We’re also backed up by a bespoke warehouse/logistic management system further enhancing the quality of our product. We get most traffic through PPC and are not one of the biggest brands in the industry and have to fight for marketshare. Recently we were approached by another company in our industry that have built up a huge and engaged audience over decades but can’t logistically tap into their following to sell the products so they have suggested a partnership. They are huge fans of what we do and basically want a copy of our site to be rebranded and hosted on a subdomain of their website and we would then pay them a commission of all the sales the new site received. So 2 identical sites with different branding would exist. Based on tests they have carried out we could potentially double our sales in weeks and the potential is huge so we are excited about the possibility. But…..how would we handle the duplicate content, would we be penalised? Would just one of the sites be penalised? Or if sales increase as much as we think they might, would it be worth a penalty as our current rankings aren’t great? Any advice would be great. Cheers Richard
Intermediate & Advanced SEO | | Rich_9950 -
Now that Google will be indexing Twitter, are Twitter backlinks likely to effect website rank in the SERPs?
About a year (or 2) ago, Matt Cutts said that Twitter and FB have no effect on website rank, in part because Google can't get to the content. Now that Google will be indexing Twitter (again), do we expect that links in twitter posts will be useful backlinks for improving SERP rank?
Intermediate & Advanced SEO | | Thriveworks-Counseling1 -
Removing pages from index
My client is running 4 websites on ModX CMS and using the same database for all the sites. Roger has discovered that one of the sites has 2050 302 redirects pointing to the clients other sites. The Sitemap for the site in question includes 860 pages. Google Webmaster Tools has indexed 540 pages. Roger has discovered 5200 pages and a Site: query of Google reveals 7200 pages. Diving into the SERP results many of the pages indexed are pointing to the other 3 sites. I believe there is a configuration problem with the site because the other sites when crawled do not have a huge volume of redirects. My concern is how can we remove from Google's index the 2050 pages that are redirecting to the other sites via a 302 redirect?
Intermediate & Advanced SEO | | tinbum0 -
Removing index.php
I have question for the community and whether or not this is a good or bad idea. I currently have a Joomla site that displays www.domain.com/index.php in all the URLs with the exception of the home page. I have read that it's better to not have index.php showing in the URL at all. Does it really matter if I have index.php in my URL? I've read that it is a bad practice. I am thinking about installing the sh404SEF component on my site and removing the index.php. However, I rank pretty high for the keywords I want in Google, Bing and Yahoo. All of the URLs that show up in the searches have index.php as part of the URL. Has anyone ever used sh404SEF to remove the index.php and how did you overcome not loosing your search engine links? I don't want an existing search showing www.domain.com/index.php/sales and it not linking to the correct page which would now be www.domain.com/sales. I guess I could insert the proper redirects in the htaccess file. But I was hoping to avoid having every page of my site in the htaccess file for redirecting. Any help or advice appreciated.
Intermediate & Advanced SEO | | MedGroupMedia0 -
How are you taking you e-commerce site forward in 2014
Hi MOZland, With a new (our first e-commerce) client, we're going through a massive learning curve in handling a site of substantial size and complexity for the first time. While we've weeded out most of the on-page stuff that needed sorting, and we're in the process of dumping poor links implemented by previous SEO/online marketing efforts, do you have any suggestions about how to take a big e-commerce site forward in 2014, especially concerning technical pitfalls and link building efforts (and given that guest blogging has become something of a faux pas). Cheers, M
Intermediate & Advanced SEO | | Martin_S0 -
E- commerce websites - Best method for earning links ?
Hello everyone, Lots of my clients are e-commerce websites and I would like to know if some of you would like to share a good method to earn backlinks so I can share with them all some sort of roadmap. Thank you Regards
Intermediate & Advanced SEO | | Amadeus_eBC0