Yahoo Small Business Stores: What Should I Do With Security Manager?

There has been a lot of talk over the past few weeks since Google had recently made the announcement that starting in October 2017, if your website is not secure, the browser will be displaying errors warning customers that your site is not secure.  If you have not taken steps to migrate your website to SSL, the time is now. With the recent data breaches in the news, the push to a secure web has never in our history been this pronounced.  If you have not yet begun the preparation for SSL, it’s not too late.

Yahoo has added Security Manager underneath your Site Settings, and they are providing you with a complimentary Security Certificate.  The Security Manager also automatically installs the certificate on your behalf, but if you haven’t taken the time to prepare your website for the SSL installation, most likely, your website is not going migrate properly.

From an SEO perspective, moving from a non-secure site to a secure site is in theory a “site move”.  It is normal to see slight fluctuations in your Google rankings for a few days following the installation of your SSL.  It should not cause any major form of traffic or ranking disruption though as all pages are automatically 301 redirected.  There are some things you should do after you turn on your SSL.

Google Search Console

Google Search Console (https://www.google.com/webmasters/tools/) you should list every version of your website, for example:

http://yourstorewizards.com

http://www.yourstorewizards.com

https://yourstorewizards.com

https://www.yourstorewizards.com

Chances are, you have already added both versions of your website to your Google Search Console some-time ago in the past, now you should add the https:// versions.  Once your transition is complete, only the “active” version should be accumulating data (which is HTTPS).  Having all versions of your site listed in Search Console is important for troubleshooting in the future, should anything change (expired certificates, server errors, etc.).  Also, Google will email you if anything out of the ordinary appears.  You should make a habit of checking Google Search Console every so often to see if there are any issues that could be preventing your site from indexing properly.

Yahoo has been rolling out SSL Sitemaps with their latest updates.  If you have Security Manager installed, you can load the new sitemap in your https:// Google Search Console profile.  If you have a sitemap currently loaded in your older http:// Search Console profile, you can disable it, or leave it alone.  It will not cause issues because your site has a site wide 301 redirect to the new SSL install, therefore, when Google goes to crawl your sitemap, and gets to http://www.yourstorewizards.com, it will automatically 301 redirect.

If you also use Bing Webmaster Tools, you should also list all of your websites there as well. Even though Bing doesn’t provide as much web traffic as Google does, their Webmaster Tools are very robust and may provide you with good insights and information about your web traffic.

Changes to Store Variables

For Your Store Wizards merchants that have canonicals installed, in variables, change the YSW-SECURE-CANONICAL variable to YES.  This will ensure that your OG Meta Tags and Canonical Tags are updated to https. Also, change the YSW-URL to https:. Which ensures that any presence of http:// will automatically be updated to https.

If these were missed, you can always double check your site by going to any page, right clicking, view source – then search for canonical.  Should you see “http” instead of “https”, just double check these variables. If for some reason this variable was missed, it is not the end of the world, as your site has a site wide 301 redirect in place, but in the long run for best SEO practices, we want to always make sure we follow protocol to the best of our abilities.

3rd Party Feed Services or Data Providers

Your store will automatically redirect but if you have any key parameters in the urls, then the feeds will need to reflect https.  This is also true if you use any 3rd parties that are not aware and in any way direct you traffic (that doesn’t come from a data feed).

And that’s it in a nutshell.  Please feel free to contact us should you have any questions.

Leave a Reply