: Should I force secure access to my web sites? Now that Let's Encrypt is in public beta, I'm adding secure browsing to many of my web sites. But should I force secure access, or allow visitors

Now that Let's Encrypt is in public beta, I'm adding secure browsing to many of my web sites. But should I force secure access, or allow visitors to choose how they access those sites?

In researching this, I've found statements like the following:

Secure browsing does add some overhead, but not enough to worry about.
Google prefers secure sites, and ranks them more highly.
Google sees a page that is available via both HTTP and HTTPS as duplicate content, which may hurt search ranking.

Google's documentation seems to confirm #2 , but not #3 :

Secure your site with HTTPS
Duplicate content
Use canonical URLs

10.01% popularity Vote Up Vote Down

: Moving from 23 separate subdomains to 23 subfolders under the www subdomain Our current GWT setup reflects our current setup of 23 geotargetted individual sites each on its own subdomain of the

@Gretchen104

Posted in: #GoogleSearchConsole #Seo

1 Comments

: Is there SEO value or danger when creating product comparison functionality? I am building a Product comparison web/application into my website. It will compare products by specs, price etc.

@Gretchen104

Posted in: #Seo #WebCrawlers #WebDevelopment

2 Comments

: Unresponsive registrar We have a domain that was bought through www.activeregistrar.com several years ago by a previous employee. All the domain does not expire until late next year, we have moved

@Gretchen104

Posted in: #DomainRegistrar #Domains

1 Comments

: It's bit longer, but still can be important. If you are using Google Analytics, you've already agreed to their policies. You will give your end users proper notice about the implementations

@Gretchen104

0 Comments

Login to post a comment!

1 Comments

Sorted by latest first Latest Oldest Best

@Marchetta884

All three of those points are true. As far as #3 goes, what happens is your site traffic gets diluted by splitting it up between http and https. So it's better to just redirect http to https.

Should you do this? For the slight improvement in search ranking, yes, and to protect from man-in-the-middle attacks, and other potential security attacks, if you need that protection. It does slow down start up due to SSL handshaking but there is not much disadvantage to doing so.

10% popularity Vote Up Vote Down

Feed

: Should I force secure access to my web sites? Now that Let's Encrypt is in public beta, I'm adding secure browsing to many of my web sites. But should I force secure access, or allow visitors

More posts by @Gretchen104

: Moving from 23 separate subdomains to 23 subfolders under the www subdomain Our current GWT setup reflects our current setup of 23 geotargetted individual sites each on its own subdomain of the

: Is there SEO value or danger when creating product comparison functionality? I am building a Product comparison web/application into my website. It will compare products by specs, price etc.

: Unresponsive registrar We have a domain that was bought through www.activeregistrar.com several years ago by a previous employee. All the domain does not expire until late next year, we have moved

: It's bit longer, but still can be important. If you are using Google Analytics, you've already agreed to their policies. You will give your end users proper notice about the implementations

Login to post a comment!

1 Comments

Back to top | Use Dark Theme