switching between http and https - how to inform google - http

My site is deployed on amazon aws and I have two listeners on the load balancer.
One for http and one for https.
Google links to the http url, however I'd like it to link to the https listener as I am about to disable the http listener on port 80.
Can anyone recommend an approach which will result in the smoothest transition from the perspective of people finding my site through google?

You'll need a redirect. This means, that for now, you can't turn of the listener on http, but need to put the permanent redirect there instead. When google next checks, it'll spot the permanent redirect, drop the old link and create the new.
You could try submitting a new site map, but you'd lose any ranking your old links had gained as they would all appear as new links, plus there's no telling how long it would take Google to use the site map.
And there's also Bing and Yahoo and other search engines. Probably not as common, but best to hits a solution that gets them all.
Redirect using .htaccess - google it or reply here if you're stuck and I'll add to the answer

Related

having "https" at the beginning of URL without having to manually add it

I have a Comodo SSL certificate on my host plan, however when accesing my site from google, it sends me automatically to
http://example.com, Where the green lock doesn't appear.
If I manually add "https", like: https://example.com it does show up!
Is there a way to access my website always with the green lock showing up? instead of manually having to write it everytime?
You can easily redirect to the https version of any page using rewrite rules/rewrite module of your web server (the exact way to do this depends on the webserver used). Ask your provider, this is a common case so there may even be a UI option in your console to do this.
Regarding google see this: https://webmasters.stackexchange.com/questions/67212/how-to-convince-google-to-list-https-version-of-website
It may also be good form to verify the protocol used to access the site in your authentication module and refuse authentication if the wrong protocol is used. Assuming web rules are used to redirect traffic this would to prevent leaking information due to a misconfiguration/bug.

W3 Total Cache, HTTPS and Goog Analytics

I have a website, I've implemented the SSL functionability a few days ago.
Now the website is correctly reachable at HTTPS url.
However...
When I visit any page of my website, the URL shown in the navigator address bar is correct... example: https://domain.com/post/.
That's fine.
However, Google Analytics is registering those visits as webpages with another URL. Google analytics shows another url where the visit was done, and that url is in this example: /wp-content/cache/page_enhanced/domain.com/post/_index.html_gzip
How can I resolve that problem? Where is the issue?
Things I've done:
1) 301 redirect from all old http url to all new https url.
2) Google Analytics property was configured, the url of the website was changed to HTTPS.
Thanks all for reading and hope to find a solution for this problem.
Regards,
Pablo
This depends on how you included Analytics.
1) If the WordPress framework send the 'click' to Analytics in the back-end code, then there might be a problem with sending the wrong 'url' that is visited. (Have a look at PHP's $_SERVER variables; probably the SCRIPT_FILENAME is sent instead of REQUEST_URI.)
2) If you manually insterted the embed code from Analytics in your template, the url detection is all done based on the url in the browser, so you would never see your own filepath info there, unless it's being sent.

How can Https links from Google search be redirected to Http after the SSL was removed from site?

Recently I added SSL to my WordPress site but it started causing some problems (conflicts with Woocommerce and WP Super Cache plugins). The problem the I was having because of SSL was that the the Woocommerce cart was sometimes showing empty even after adding a product ans sometime the cart was not proceeding to checkout page. Do you think it had something to do with WP Super Cache or SSL or both? Anyway, I couldn't get it solved and removed the SSL after 2 days. But meanwhile Google had indexed the HTTPS URLs of my site and was showing them in the search results and they were returning SSL connection error. Now my question is how can I redirect all those HTTPS URLs to the HTTP ones? I asked my web host for help but said the redirection is not possible through htaccess or any other method. Was he right? How long will Google take to 'forget' these HTTPS links and show the HTTPS links again in search Results?
There are two standard ways to redirect:
At the DNS level
At the HTTP level
The DNS level can't help you because it just changes hostname. You want to keep the same hostname but change the scheme. This means you need an HTTP server to do the redirect.
In order to redirect from https to http you need to have an HTTPS service running on the computer with the IP address that the hostname resolves to.
Without that, there is nothing the receive the HTTP request over SSL and response with "Oh, this has moved to plain HTTP".
If the SSL service isn't running, then there is nothing that can do that.
(.htaccess is just a (suboptimal) means to configure an HTTP server, that does no good if you don't have the HTTP server listening on SSL).
Personally I'd fix the https issues. The world is going more https everyday so it's a backwards step to go from https to http. If you elaborate on what issues you had someone might be able to help.
However if you really want to do this then you need to run both http and https and redirect all traffic from https to http. How you do this depends on your set up (in Apache you'd do it using htaccess config).
How long it takes Google to fronded your site depends on many factors including the size and popularity of your site - which governs how often Google crawls your website. Give it a month at least for a small site. You can give it a kick by submitting your site to Google Search Console (the new name for Google Webmaster Tools).
Btw StackOverflow is primarily for programming questions so questions like this might be better asked on the http://webmasters.stackexchange.com sister site.

Should a whole site be https or just key pages (and how to keep pages http from https)

I've just put an ssl on a WP site and was wondering if all pages should be https, or just the key ones (checkout, etc).
It's about 1500 pages and posts. So going through and finding all non secure assets could take a while.
1) Is it worth making the whole site https?
2) Is the speed an issue these days (from the research I've been doing, it appears it's not so much of an issue anymore)
3) If only key pages are https, is it possible to make the links on the page http (ie After ordering on a secure page, the customer is redirected to a secure confirmation page. But let's say they then click through to the blog... the blog shows up as https... but because it has unsecure elements, it shows error messages in the browser. So, is it possible to click from a https page to a non https page.
(I am using the "Wordpress Https Plugin", which has a "Force SSL Exclusively" function, but, this causes problems with the shopping cart on there, so it can't be used.) Thanks
You kow, honestly, at this point if you're making any page secured with https -- which means you somehow deal with the cert issue -- just make them all. The performance hit is less noticeable if the first SSL/TLS handshake happens when first finding the landing page, and there aren't many advantages to sticking with HTTP.
Update
I guess that wasn't clear enough, or I Hm, I think I just got tl;dr on a one paragraph answer.
IF "you're going to use HTTPS at all"
THEN
"You might as well just use it everywhere."
ELSE
"Don't."
FI
Yes, you should definitely make your entire website https is you are able. However, mixing non-https content inside the same page will make most browsers give users warnings, which might confuse them into thinking your site has security problems.
Linking to non-https sites is not a problem, but using assets (javascript, css, images) from non-https sites is.
Unless your site is visited daily by millions of users, you probably shouldn't worry about the performance hit and make the whole thing https. Remember that nowadays Google takes https as a signal for better ranking your site, so it's good for SEO as well.

Google Analytics: cross domain tracking without URL parameters

Just had a quick question: right now when you are doing cross domain tracking with Analytics, the URL has parameters added to them to track it. I was just wondering, is there a way to use something like POST or any other method to pass the cookie info from one domain to the next so the URL does not seem so messy with all the URL parameters being added.
E.g. going from google.com to yahoo.com/lots_of_paramters, could we go to just yahoo.com/gclid=123
Cheers,
Yuri
The parameters are read on the other domain to recreate the same Google Analytics cookies.
Data sent on POST is not available on the posted page through Javascript only on the back end. So you would need the backend to actually store this data and send back to the interface, maybe through AJAX to recreate the cookies there.
Another idea is probably to try to parse the cookies server side and send them as new cookies, so the Javascript code on the destination domain wouldn't need to recreate the cookies, they would be normal HTTP Header set cookies.
Still it's a lot of work and fuzz just to pass the cookies on. Urls are ugly but are still the easiest and portable way to handle the problem.

Resources