Last week at SES Chicago, we were sitting in on some site review panels and came across the same problem on two completely different sites: duplicate content on both secure and non-secure pages.
Here’s a summary of how the problem occurs. Your shopping cart exists at https://example.com/cart/. Instead of building all of your links with absolute URLs, you build them with relative links. Once a spider comes across a secure page with relative internal links, it will follow them. The problem is that all of these links lead to secure pages, so search engines now have two versions of your website, and you have a potential internal duplicate content problem. While this isn’t a DEFCON 1 catastrophic failure, it’s an easy one to prevent and solve. Remember that everything you do to make your site easier for search engine spiders to understand will always work in your favor, and that you never want to rely on band-aid solutions to patch over bad architecture problems.
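To see why relative links keep a spider on the secure host, consider how a relative URL resolves against a secure base page. A minimal sketch using Python's standard library (the page and paths are hypothetical):

```python
from urllib.parse import urljoin

# A spider lands on the secure cart page...
secure_page = "https://example.com/cart/"

# ...and finds ordinary relative links in the HTML.
# Both resolve on the https host, not the http one:
print(urljoin(secure_page, "/products/widget"))  # -> https://example.com/products/widget
print(urljoin(secure_page, "../about.html"))     # -> https://example.com/about.html
```

Every page the spider reaches this way is an https duplicate of an http page it may have already indexed.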
- Use absolute URLs if at all possible. Use a server-side variable to build the domain so you can move files easily from development to production without worrying about creating issues.
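One way to sketch that server-side variable, assuming (hypothetically) the canonical domain lives in an environment variable so dev, staging, and production each build their own absolute links:

```python
import os

# Hypothetical variable name; default shown for illustration only.
BASE_URL = os.environ.get("SITE_BASE_URL", "http://www.example.com")

def absolute_url(path):
    """Build an absolute link for templates instead of a relative one."""
    return BASE_URL.rstrip("/") + "/" + path.lstrip("/")

print(absolute_url("products/widget"))
```

Templates call `absolute_url()` everywhere, so moving between environments is a one-variable change and spiders always see fully qualified links.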
- Use a server-side programming solution to force pages to be secure/non-secure. Don’t give someone the ability to check out without being secure. By the same token, don’t let someone browse the rest of the site in secure mode.
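The enforcement logic can be sketched as a single routing check. This is an illustration, not a drop-in implementation; the path prefixes are assumptions, and in practice you would issue a 301 redirect from your framework:

```python
# Hypothetical rule: these paths must be https, everything else http.
SECURE_PREFIXES = ("/cart/", "/checkout/", "/login/")

def enforce_scheme(scheme, host, path):
    """Return a redirect target, or None if the request scheme is already correct."""
    wants_https = path.startswith(SECURE_PREFIXES)
    if wants_https and scheme != "https":
        return "https://" + host + path
    if not wants_https and scheme != "http":
        return "http://" + host + path
    return None  # scheme is correct; serve the page

# Browsing a catalog page in secure mode gets bounced back to http:
print(enforce_scheme("https", "example.com", "/products/widget"))
```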
- Use a robots meta tag with “noindex, nofollow” on all of your cart/checkout pages.
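That tag goes in the `<head>` of each cart/checkout page and looks like this:

```html
<meta name="robots" content="noindex, nofollow">
```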
- Use “disallow/noindex” directives in your robots.txt file. Sure, it’s redundant if used with the meta tags, but it’s better to be safe than sorry in this case.
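A minimal robots.txt along these lines might look like the following (the paths are examples; match them to your own cart and checkout URLs):

```
User-agent: *
Disallow: /cart/
Disallow: /checkout/
```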
- Use the rel=“nofollow” attribute on the shopping cart/checkout link. You aren’t trying to sculpt PageRank here but to implement bot herding. Shopping cart, checkout, login, and admin pages are some of the few internal links where I still recommend using nofollow.
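In the markup, the cart link would look something like this (URL and anchor text are placeholders):

```html
<a href="https://www.example.com/cart/" rel="nofollow">View cart</a>
```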
You might also want to check out a previous article I did with some Shopping Cart SEO Tips.