Weblog entry #333 for simonw
See all weblog entries made by simonw.
#333
HTTPS / Apache / Google
Posted by simonw on Tue 16 Jun 2009 at 13:09
Discovered Google indexing content for a secure server using a weird domain name.
On inspection Google is indexing content using the domain name supplied, and ignoring the certificate (and the certificate mismatch).
So it seems if you want the secure content of www.example.com indexed only under www.example.com, you need to add:
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
ReWriteRule ^/(.*) https://www.example.com/$1 [L,R]
Since otherwise someone could create duplicate content in Google merely by pointing an A record at you and creating a link for Google to follow.
Surely there is a better way of doing this in Apache?
On inspection Google is indexing content using the domain name supplied, and ignoring the certificate (and the certificate mismatch).
So it seems if you want the secure content of www.example.com indexed only under www.example.com, you need to add:
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
ReWriteRule ^/(.*) https://www.example.com/$1 [L,R]
Since otherwise someone could create duplicate content in Google merely by pointing an A record at you and creating a link for Google to follow.
Surely there is a better way of doing this in Apache?