Http:// or HTTPS:// who knows or who cares?

By : Business Owner
Published 1st August 2017 |
Read latest comment - 17th August 2017

having fought and paid Google Adwords to maintain our position at the top of page 1, I am now told that to maintain a secure website our host  (EKM) needed to convert and redirect our web traffic to  https://www.hornseaink.com or we would descend into oblivion. 

We accepted the advice, made the change and descended in. To oblivion anyway. Less traffic,  poorer sales and spending even more money on Adwords protecting our own name and brand. Is this another Google money making scheme? Have we jumped without just cause, am I truly that stupid?

help advice and simplified explanation more Han welcome....

Share this post, email or print
Comments

It is always better to have the HTTPS as it shows you have more security and show it on your website. I only have the important part on https but am wondering if I should change it as people are being urged to only use sites with https   ... I also found adwords a complete waste of money as I was spending 3 or 4 times the amount to sales so have limited my daily source from them , also suppose I am only a small time seller so can't afford the huge costs of google.

These are just my few thoughts , but hopefully someone with more knowledge will be of more help


Hi Ray

Sorry mate, just seen this. Jumping straight to https is very dangerous and the web is littered with big sites that screwed it up and lost their traffic.

HTTPS is the way the world is going and Google is encouraging everyone to go this way as it means your web sessions are secure as any data sent to or from your site is encrypted.

But...

Google also sees http://www.website.com as a completely different website to https://www.website.com.

So you need to run both http and https in parrallel. There is a line of code you add to your web page which tells Google and any other search engine or service which web page you would like indexing. This is called a canonical and looks like this:

 <link rel="canonical" href="https://www.website.com/webpage1.html" >

This simply means that if Google lands on your http page, you are telling them to make the https version the primary one. But the http one will remain in Googles index, preserving any rankings until it is re-indexed as a https.

People will tell you different things, but we did this with MLS which had over 3 million pages at the time, we ran the http and https versions in parallel for 6 months. After that we then redirected the http site to the https one and saw no drop in traffic or rankings.

If your web designer tells you they need to redirect your http to https then say no! Having the canonical tag tells Google that you are pointing traffic to your new https site and not to index any more pages using the http version. This tag also stops you getting any duplicate content penalties.

Basically you don't want to redirect your http website to your https one until Google has re-indexed all of your webpages as https, which is why I give the 6 month rule of thumb. This ensures any rankings you have (and therefore web traffic) is unaffected.

Looking at your site, you have redirected straight to https, while there are still some http pages ie your blog (which looks like it's not being used) - http://www.hornseaink.com/blog/

If you are seeing reduced rankings, then I would ask your hosters to stop redirecting to https.  They have added the canonical tag which is good, so Google will still only index https pages. If you see traffic and enquiries recover, then not all of your pages have been indexed by Google yet, so run in parallel (ie http and https) for a few months.

Hope that makes sense, it is an extremely complex issue, but hosting providers should not be forcing or scaremongering ecommerce sites to cut over to https without giving a clear and thought out plan, explaining the issues, pitfalls and mitigating as much risk as possible.

Feel free to ask any questions.


Steve Richardson
Gaffer of My Local Services
My Local Services | Me on LinkedIn

Jumping in too .. Should I leave my website as it is then with all products being http but sign up, log in and payment sections being https..As despite now having on-site payment I am still getting a few abandoned sales (not as many as before though)  I have often seen website being completely https ,so wasn't 100% sure

thanks


Jumping in too .. Should I leave my website as it is then with all products being http but sign up, log in and payment sections being https..”
 

To be honest Andy, that doesn't make much sense. If you have already gone to the expense of a certificate and are already using https for part of your site, you might as well use it for all of your site and get any associated benefits. But as above don't suddenly just redirect everything.

To make your site www.pewterworld.co.uk fully https, you have a bit of work to do as you are currently in a halfway house. eg you can access your home page as https://www.pewterworld.co.uk/

But the rest of your site isn't ready as you have content on your pages which is pulling from a non secure source eg:

https://www.pewterworld.co.uk/Jewellery/Pendants/Celtic-Heart-Pendant-1

This page is insecure as it it references an image that is specifically coming from a http source:

The source of this is: http://www.pewterworld.co.uk/images/Delivery/4-7days.JPG

To fix this, you would instead just reference: /images/Delivery/4-7days.JPG

So you would need to make sure any absolute paths that point to http sources are changed for all of your product pages and the whole website.

You already have the canonical tag, eg:

<link rel="canonical" href="http://www.pewterworld.co.uk/Jewellery/Pendants/Celtic-Heart-Pendant-1" />

So when ready, change this from http to https.

Once you were happy Google had re-indexed all of your pages as https, you can then redirect all of your pages to https.

Obviously this is my fag packet research, so although I don't think it would be a big deal for you to move fully to https, don't go and implement a site wide https plan based on this post  

Make sure you sit down and plan it properly with your hosting partner/web bod.

Remember the 6 P's - Proper Planning Prevents P*** Poor Performance 


Steve Richardson
Gaffer of My Local Services
My Local Services | Me on LinkedIn

Possibly wrong advice or was OK at the time when I did this as I have had https for a while.

Thank You for the advise though I'll look into moving over completely soon with the help of my hosting site and a bit of advise on how to implement correctly, lucky enough they are very helpful


Found  solution to the image ,albeit a lot of work by adding a S into every product ,already done Bar-ware so it passes why no padlock now  .Have added the https to google to start search for the links ,although not sure if they will , but time will tell 


Found  solution to the image ,albeit a lot of work by adding a S into every product ,already done Bar-ware so it passes why no padlock now  .Have added the https to google to start search for the links ,although not sure if they will , but time will tell ”
 

The reason you don't have a padlock is because you are still referencing unsecured elements in your web page, eg:

Have a chat with your hosting bods. None of it is major, it just needs them to go through your site and remove any http dependencies. 


Steve Richardson
Gaffer of My Local Services
My Local Services | Me on LinkedIn

I would definitely go for https. It gives your customers extra confidence, secures the information that is processed by the website, and, quite frankly, is a must if you sell online!


Fixed Fee Legal Services | Bespoke Document Drafting | Document Templates
The Legal Stop | www.thelegalstop.co.uk

Well, as recommended, I urged caution and a slowly slowly catch the monkey type approach to change. My Wife on the other hand argued that she wanted a padlock on her website when'her' customers were visiting and placing orders. She added that she wont buy anything unless the web site she visited had a padlock visible so she was having one too, she didn't need to understand all of that techno rubbish, she just wanted a padlock 'its not really complicated is it, she said'.... arguably the most analytical approach to business decision making that I have ever seen.

Without delay she set up her own google console to monitor traffic, instructed our providers to make the changes to our site (http to https and (on the advise of my local services removed our blog that was not being used and was an http address). 

Result, slower traffic for a couple of days while we were re indexed by google 'but' we appear to have bounced back and seem to be getting more clicks now?

Not sure if it is relevant but we are getting more 'new' customers now (much of our existing traffic was repeat business).

Guess I will stick to working with the criminals, less complex and by far easier to understand..

We are now https because she wanted a padlock...

Simple


Post Reply Post a new message to this Thread