I think that, from what you have said, that my best solution might be to do the server side detection that you detail in 4. JD I hoped that you might pick up on this thread. Vimes I've been through with a fine tooth comb and did find a couple of relative links that were in effect pointing to I've cleaned these out. Many thanks for taking the trouble to reply. This makes determining which protocol should be used to access them very easy using Apache mod_rewrite or ISAPI Rewrite on IIS. Points 3 and 4 are easy if you tag your secure and non-secure page URLs in some way, for example, making them appear to be in separate directories under your site root. HTTPS) access requests to non-secure pages, and redirect them to change the protocol to HTTP.ĥ) If your secure and non-secure pages are actually stored on the server in different filespaces, then use the robots.txt files to tell search engines to stay away from https unless its appropriate. HTTP) access requests to secure pages, and redirect them to change the protocol to HTTPS.Ĥ) Server-side, detect secure (i.e. , rather than page-relative or server-relative links (don't use, or )Ģ) When linking from a non-secure page to a secure page, again use a canonical URL., e.g.
HTTPS is a different protocol than HTTP, and is not related to domains or subdomains at all.ġ) When linking from a secure page to a non-secure page, use a canonical URL, e.g. No matter what Yahoo is displaying or how it is displaying it, is not in any way a subdomain of. The use of the word "subdomain" in this thread is misleading.