Recently my host went ahead and activated free SSL certificates for all my hosted sites without even informing me of the same. This certificate was provided by Letsencrypt.org.
Great, a free certificate! That's amazing right? Well, it is, but it can also lead to a drop in your SEO rankings because it gives rise to content duplication.
Here's how,
You see, without proper redirection, each page on your site will now have a HTTPS and a HTTP version.
For example, http://sitename.com and https://sitename.com
And as expected, I did see a traffic drop. I also found both versions of pages indexed in Google.
Now I had two ways to fix this. One was to redirect all HTTP links to HTTPS and the other was the reverse - redirect all HTTPS to HTTP.
Since, my site does not sell anything directly, I did not see a need to use HTTPS. Plus if I were to change hosts in the future, I will have to either buy a new certificate (since not all hosts support free SSL) or redirect back to HTTP. So I decided to 301 redirect all HTTPS links to HTTP.
Here's the code I added to my HTAccess file to make this happen:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
You can also use this same code to do the reverse, which is redirect all HTTP to HTTPS. Here's the reversed code:
RewriteEngine On
RewriteCond %{HTTP} on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Is it safe to use Letsencrypt.org free SSL certificate?
Yes, it's perfect safe to use the certificate. In-fact, you could even get some SEO advantage for servicing your pages via HTTPS. Just make sure that your properly redirect all files, change internal links and make necessary changes to your search console for a smooth transition.
Code credit: https://stackoverflow.com/questions/12999910/https-to-http-redirect-using-htaccess