|http and https version of the pages of same website|
all about SSL issues in an website
| 10:15 am on Feb 15, 2011 (gmt 0)|
I have an e-commerce website. The main issue is that my developer 302 redirected the non http version of the page to its respective https page. I know that search engines do not like 302 mode of redirection and I need to change it to the 301, but the main issue is almost 80% of my website URLs have been indexed and crawled with the https version including the home page.
I am planning to optimize my website with the https version only. Can anyone please help me out in this regard. Will it be fruitful if I optimize the website with the https pages, or should I first solve the SSL issue and them plan of the optimization on the non http version of the pages.
| 2:19 pm on Feb 15, 2011 (gmt 0)|
It doesn't make any sense at all to do this, some people still haven't turned off the "you are about to view pages over a secure connection" message, so if you're talking about inbound links why potentially prompt a visitor when they click? Just let them in.
Take off the 302, optimize the site for HTTP, and only switch users to pages that actually REQUIRE HTTPS, like the login and checkout. For internal linking, you should just be linking to href="/page.html"> without a domain anyway.
| 4:24 pm on Feb 15, 2011 (gmt 0)|
The only thing that you don't want to do is redirect from a secure page to a non-secure page. In IE, that action triggers a security warning, "You are about to leave an encrypted page", which many shoppers would get antsy over.
There's nothing wrong with serving your entire site via secure (SSL) pages. There's a small performance penalty, but not a show-stopper.
If you do offer your pages via SSL, ensure that *every* item on the page is fetched via SSL, otherwise shoppers receive the warning message, "This page contains both secure and non-secure items", which causes shoppers to get antsy.
EDIT: I almost forgot about Cookies. If you serve up cookies, they must be marked as "Secure", per RFC 2109, or else McAfee will go nutso.