1. No Profile Picture
    SEO Chat Explorer (0 - 99 posts)

    Join Date
    Dec 2016
    Rep Power

    Duplicate sites: HTTP and HTTPS

    I've taken over a site that seems to have both HTTP and HTTPS versions - both live. Whenever I do a crawl on the site using one of the crawling tools (Screaming Frog / Website Auditor) everything comes up as duplicate content.
    However, when I queried the developer about this, this is the reply I got:

    "While it is possible make the site inaccessible by HTTP, there is no duplication of data. Some areas of the site require encrypted data. (logins etc.) disabling HTTP on the site would simply mean that the site takes longer to load, and that the server has to work harder to send the data.Rest assured there is not two copies of the site, and all the content and metadata is being sent from the same source."

    Is that correct? I'm partly in the mind to ask them to redirect the whole site to HTTPS regardless.

    Can anybody help?
  2. #2
  3. Not An Expert
    SEO Chat Hero (2000 - 2499 posts)

    Join Date
    Jan 2015
    Rep Power
    Hello and welcome,

    I think this is out of my depth, but I do have some questions...

    How is this site actually set up? You say at the beginning that both the HTTP and HTTPS versions are active at the same time. That implies to me that the entire site - every single page - exists as both an HTTP and an HTTPS version. But in the client's message to you, they seem to be implying that their site is mostly HTTP...and only a few pages that matter (ones with log-in or credit card fields, I imagine) are HTTPS.

    Which is it?

    If it's the former (entire site exists in both HTTP and HTTPS versions) then:

    Originally Posted by MThoma15
    I'm partly in the mind to ask them to redirect the whole site to HTTPS regardless.
    this should be easy for them, because they already have every page set up in HTTPS. Of course, if it isn't done properly they might experience a temporary decrease in rankings. We get a lot of newbies here who post saying they lost rankings for a few weeks/months/etc.

    If it's the latter (most of site is HTTP and only the pages that need extra security are HTTPS), then they're probably fine as they are...but then I don't understand why every page they have is showing up as duplicated.

    Another thought occurs to me - maybe the client doesn't actually know how their site is set up. Your contact may believe that only a few pages exist as HTTPS and are redirected properly, when in fact the site exists in two distinct versions and they aren't hooked up properly. I can see this happening if they've used a lot of freelancers in the past, and maybe communication between them wasn't the best. It could be worth investigating how the site is really set up, or seeking further clarification from the client. I could be wrong, it's just a random thought that occurs to me.

    But like I said, I feel a little out of my depth here so hopefully someone else will reply too!
  4. #3
  5. Dinosaur
    SEO Chat Mastermind (5000+ posts)

    Join Date
    Jun 2011
    Rep Power
    can you get to http://domain.com and https://domain.com without being redirected ?
    If the anwser is yes then yes the site is duplicated and the developer dont understand how internet procals work.

    I bet I know how this has come about.
    They added an area maybe a shopping basket that is https, all links to that area are https. However if within the checkout area there are links that are relative i.e. /products then it will use the current protocol.
    If that is the case, they will have to implement absolute urls back to the unsecure areas or move over to https completly.

    Mixing the 2 really only causes problems really it would make their life a lot easier converting over.

    Comments on this post

    • Will-O-The-Wisp agrees
  6. #4
  7. No Profile Picture
    SEO Chat Scholar (3000 - 3499 posts)

    Join Date
    Sep 2016
    Rep Power
    To redirect http to https on a IIS server, add the the following lines to your web.config in the following section....

    <httpRedirect enabled="true"
    httpResponseStatus="Permanent" />

    On a linux system.... add the follow lines to your htaccess file

    #Next fix it so all traffic is re-routed to https version of site
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    These snippets will, depending on which server you use, IIS or Linux redirect all traffic to the https version of site permanetly.
    Besides if you have pages password protected or a shopping cart and take credit cards you need to do this anyway. Or Google
    will label your site as unsecure. Google I thinks will be starting this behavior Jan 2017 if I remember correctly.

    Also you get a small boost in SERPS if your site is https. Just another reason to do it. Also if you complain about the cost, LOL
    read the post here -->> SSL Certificate. It contains 3 Places if I recall correctly to get FREE SSL

    Also if you use GSC, make sure you include the https version of the site as well... you would be surprised how many forget to do this... LOL

    Comments on this post

    • Will-O-The-Wisp agrees

Similar Threads

  1. Which converts better? http,https, http://www, https://www
    By ThomasHarvey in forum Search Engine Optimization
    Replies: 7
    Last Post: Jul 26th, 2017, 03:14 PM
  2. https and http - Spider Simulator not crawling the https website
    By travelauto in forum New User SEO Questions and Answers
    Replies: 1
    Last Post: Aug 25th, 2015, 12:27 PM
  3. HTTP and HTTPS
    By Hilary in forum Google Optimization
    Replies: 2
    Last Post: Apr 1st, 2009, 10:04 PM
  4. Https vs http
    By purse9644 in forum Google Optimization
    Replies: 1
    Last Post: Feb 10th, 2009, 10:57 AM
  5. HTTP vs HTTPS & Duplicate Content
    By sef165 in forum Search Engine Optimization
    Replies: 5
    Last Post: Apr 11th, 2008, 01:22 PM

IMN logo majestic logo threadwatch logo seochat tools logo