SEO Know How | Http vs Https

Wednesday, February 17th, 2010

Today a DEV team reached out to me with an interesting question.
The question was phrased along the lines of:

“For security reasons, we want the new site we are building to reside entirely on HTTPS vs on HTTP. Are there any SEO concerns with this approach?”

This was a bit of a new question for me because generally I have had to deal with issues regarding having both HTTP and HTTPS, and had actually never considered having built a site from the ground up on HTTPS only from the get go.

I am working through gathering all the pros and cons and other considerations that I need to make them aware of from an SEO perspective.

Here are a few of my recommendations so far:

HTTP and HTTPS
If both types of URLs are allowed on the website, we will need to watch out for URL Confusion. Canonical URL’s, so proper implementation will be key.

  • All internal links to and from HTTPS pages need to be 100% consistent and specify HTTP or HTTPS (so no relative path).
  • We may have to setup smaller numbers of 301 redirects for specific pages which need to go HTTPS, or we may have to setup a global redirect to HTTP, with some pages excluded from the rule so they resolve as HTTPS.
  • We may have to setup separate XML Sitemaps for the HTTP and HTTPS pages.

    • HTTPS Only
    If the vast majority of pages have to be secure but indexed, it may make more sense to setup a global 301 redirect to push all requests for HTTP to their HTTPS versions.
    We could also add in a consistent Canonical Tag and launch a single XML Sitemap consisting of only HTTPS URLs to help reinforce to the Search Engines which is the preferred URL format.

    Some other SEO notes and considerations to keep in mind are that HTTPS pages tend to be slightly slower than HTTP pages, and we all know that site speed is an important factor for many reasons including SEM quality score and also for UX as well as SEO.
    Also Google does not appear to have any issues with indexing HTTPS, and many sites such as banking sites where security is a big concern, have both HTTP and HTTPS with 301 or 302’s in place.

    Other concerns that should be discussed internally are expired certificates or server reboots which can cause issues with certificates functioning properly and produce pop up warnings to visitors directly in their browsers which is also a definite a UX consideration.

    Written by Warren Lee.