Web General

1. Google and HTTPS Compliance

2. How to Avoid Indexing your Website Development Version

On January 31st 2017, version 56 of the Chrome web browser was released. There is a significant change in the way it displays websites that are not using HTTPS, also known as SSL. This change may confuse your site visitors or surprise you if you are not expecting it.

Google is really pushing HTTPS for all websites now.  Not only that but they are beginning to insist on every page being HTTPS compliant - not just contact form or checkout pages!

Any website that is not running HTTPS will have a message appear in the Google Chrome location bar that says “Not Secure” on pages that collect passwords or credit cards. It will look like this:

If it's only Google Chrome, it's No Big Deal, Right?

Wrong!  There's two reasons why, as web designers and web administrators with businesses to run, we must take this very seriously.

Firstly, according to current Browser Market Share statistics, Google Chrome accounts for 60% of all website traffic.  So, if you're not playing nice with Chrome, you're taking a pretty big risk.

Secondly, since Google is the single biggest search engine (and we mean biggest by far!) it will ultimately hurt your SEO and therefore your web page rankings if you don't comply with the HTTPS protocol.

How Do I Comply?

Firstly, purchase and implement an SSL certificate for your website.  The prices for certificates vary, with the more expensive ones giving extra validation for your website.  SSL certificates need to be renewed annually, so consider this when making your purchasing decision.

Secondly,  ask your developer to switch your site over to the 'HTTPS' protocol.  This involves some changes to how your site serves pages and rewrites URLs.

Thirdly, eliminate any 'mixed content' issues.  These issues are bound to arise on at least some of your website pages.  You can learn more about mixed content here.  Your web developer can assist with this also.

Finally, don't forget to let Google know that the HTTPS version of your website is the only one you want it to crawl and assess for SEO purposes. 

If you are working on your new website in an online development environment, or if you have a copy of your live site for staging / development purposes, it is imperative that you don't inadvertently let Google (or any Search Engine, for that matter) crawl your development site.

Allowing search engines to crawl both the live and development version of your site will harm your SEO, sometimes significantly.  This happens because of a number of factors, but not least due to splitting your SEO score across two sites and falling foul of duplicate content issues.

Block All Agents in Your Robots.txt File

The easiest way to impede Search Engines from indexing your development site is to add a robots.txt file to the primary domain directory (i.e. the parent web directory for your website).  This robots file should contain the single directive, given below:

User-agent: *
Disallow: /

Blocking Search Engines on WordPress

On a WordPress site, you don't need to trouble yourself with manually editing and uploading the robots.txt file.  You can simply visit the settings->reading management page and tick the box that says: discourage search engines from indexing this site.

Don't Forget to Remove the Directive when Going Live

If, ultimately, your development site will be deployed as the live website, then don't forget to edit the robots.txt file accordingly and / or deselect the setting on WordPress.