Managing Secure Protocol in Apache-Based Websites using PHP - First Potential Problem: Duplicate Content! (
Page 2 of 4 )
If your security certificate is now issued or running and the configuration of the https was done right on your server, the first thing you need to avoid is duplicate content in the https protocol. A lot of websites make this mistake, and Google ends up indexing both protocols (http and https). This is considered a serious duplicate content issue in Google.
If both the http and https versions of your web site can be indexed, you will see serious ranking issues stemming from the duplicate content. These issues arise because Google splits up the link authority between the http and https protocol instead of concentrating it in the http protocol, which is preferable to rank in Google. This weakening of the internal link structure affects the site's search engine optimization efforts.
There are basically two ways to correct this. The first method seems to be the most effective in start up websites (if Google has not yet indexed the https version). The second method will be applicable if Google already indexes the https version aside from the canonical http version, and the https version has some Google Page rank.
FIRST SOLUTION: In all https (secure) pages, place a Meta no index tag.
Wow, what is Meta no index tag anyway? The most recommended format is:
<META NAME="ROBOTS" CONTENT="NOINDEX">
According to Google, when they see this tag on the page, Googlebot will still crawl the page as well as the links, but will not index the site to place it in the search results. This should avoid issues with duplicate content.
So what is the PHP script for the first
solution?
<?php
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on')
{
echo '<META NAME="ROBOTS" CONTENT="NOINDEX">'. "n";
}
else
{
echo '<META NAME="ROBOTS" CONTENT="INDEX, FOLLOW">';
}
?>
This script will check to see if the protocol running is https. If it is a secure protocol, it will return the meta noindex tag; otherwise, the page will be indexable by Googlebot.
To use this script, you must insert it script somewhere in the <head> </head> section of your website template (one is that used by all pages, like header.php in WordPress). To find out if this is working according to plan, open any URL in your website which is not https. Try to view the source code of that page. You should see this:
META NAME="ROBOTS" CONTENT="INDEX, FOLLOW">
Otherwise, if it is a secure protocol, it should have this instead:
<META NAME="ROBOTS" CONTENT="NOINDEX">
/ 5 
