Does This Code Qualify as OK for 301 Redirect --> Positive Google SEO?

Need to get our website to resolve to our secure pages.

Seems like the best way, in terms of SEO, is via a 301 redirect.

Would this code be a 301 redirect?

if($_SERVER['HTTP_X_FORWARDED_PROTO']=="http"){
header('Location:https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
exit;
}

Open in new window


Or, will this be looked at as, not only NOT 301, but somehow seemingly the WRONG way to achieve our goal and result in a SEO penalty?

Many thanks!

OT
oaktreesAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
You need to use 301 for the response code http://php.net/manual/en/function.header.php

// 301 Moved Permanently
header("Location: /foo.php",TRUE,301);

Open in new window

2
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
Are you trying to force https, it would be better to do this in iis/webconfig if windows or with your htaccess if linux.
0
oaktreesAuthor Commented:
Hi Scott,

You're right: trying to force HTTPS.  

Any examples of ways to do that via

iis/webconfig if windows & htaccess-linux

Pretty sure we are linux but, it is Saturday in Asia where I am now and can't ask.

Many thanks,

OT
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

oaktreesAuthor Commented:
Hi Scott,

Got it.  Thanks!  

How does the method below look to you?  We've been using it while we were trying to get the best method figured out.

It's working.  Does it seem to you to have any negative implications vis-a-vis SEO & Google ranking?

if($_SERVER['HTTP_X_FORWARDED_PROTO']=="http"){
header('Location:https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
exit;
}

Open in new window


Thanks!

OT
0
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
no, make sure to use the 301 response code.  also make sure to redirect to just one domain. By one domain I mean all traffic should go through the www or naked, not both.  You will ant to test for that as well.
0
oaktreesAuthor Commented:
Hi Scott,

When you say "response code" which one do you mean?

Thanks!

OT
0
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
301 just like I showed you in my first post
0
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
This is a good article from moz.com that explains the different types of redirects. https://moz.com/learn/seo/redirection
0
oaktreesAuthor Commented:
Hi Scott,

Yes.  Forgive me.  My engineering team and I speak different languages.

I'm clear on the difference on 301s versus other types.  Was assured that the code I posted was a 301.  Seems like it's not.

So, need something that will get us from any HTTP pages to HTTPS via 301.

How does this look?

RewriteEngine On 
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC] 
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L,NE] 

Open in new window


Thanks!

OT
0
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
I think it looks ok, but I don't use linux.   I will ask somebody else to verify.
0
oaktreesAuthor Commented:
Hi Scott,

Got it.  Thanks!  

I can imagine you're flooded with folks querying.  When I see your detailed answers and kind replies I feel grateful.  Thanks, Scott!

Sincerely,

OT
2
Julian HansenCommented:
Go with what works.
Your solution appears to come from the link below ( there are two solutions on that link)
https://stackoverflow.com/questions/29029049/best-practice-301-redirect-http-to-https-standard-domain
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]

Open in new window

     
RewriteEngine On 
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC] 
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L,NE] 

Open in new window

This site gives the method as
https://www.inmotionhosting.com/support/website/ssl/how-to-force-https-using-the-htaccess-file
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

Open in new window

And here is another one
https://www.aleydasolis.com/htaccess-redirects-generator/https-vs-http/
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Open in new window

Pick the one that works for you - try it - if it works great - if not try the next solution.
0
oaktreesAuthor Commented:
Hi Julian,

You're right.  Got that one from there.

Ok!  These look great.  Detailed.  We should be able to get one of them to work.  Thank you for identifying the other 3.

Need to leave this question open as we wont have a chance to start checking for about 36 more hours.

Thanks to you both! :)))))

OT
1
oaktreesAuthor Commented:
Hello!

Local engineers have provided me this.  How does it look to you?

if($_SERVER['HTTP_X_FORWARDED_PROTO']=="http"){
header('HTTP/1.1 301 Moved Permanently'); 
header('Location:https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
exit;
}

Open in new window


Thanks!

OT
0
Julian HansenCommented:
You can do it with script ... but why?
.htaccess is the right way to do this - not sure why script needs to be involved.
1
oaktreesAuthor Commented:
Hi Julian,

I'm told that the reason is so we can limit the redirect.  Rather than redirect EVERY page of the website.  We've got some pages that can't be run securely - articles where the links and or images are not our own, or are sourced from sites which are themselves unsecure.

I'm being told that this method allows us to discriminate between which pages can use HTTPS.  If this is the rationale, then how does it look to you?

Then, for me, the key question is...will Google detect this type of redirect as somehow "not right" and apply a negative bias against us for SEO?  This is the heart of my question.  My main concern.  

Many thanks,

OT
0
Julian HansenCommented:
You can discriminate using .htaccess. Depending on which falls into the greater set you either create a rule to redirect the https files or you make https the default and exclude the http files you don't want redirected.

To your second question - no - the redirect by script or .htaccess makes no difference to Google.
0
oaktreesAuthor Commented:
Hi,

Sounds good.

I'm confused.  When you say via .HTACCESS is the right way to do it, what do you mean?  How does executing the redirect via .HTACCESS systemically differ.  I know that's getting into the weeds, but I can't figure out the difference.

Many thanks,

OT
0
Julian HansenCommented:
Functionally there is no difference. The reason is that the .htaccess is an obvious goto. It is usually first in the file listing and its presence tells you immediately that there is potential manipulation of routing going on.
When you put it in a script - it becomes decentralised.
From a management perspective it is neater for the redirects to be managed in one place.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
oaktreesAuthor Commented:
Thanks, again! :)))))))))))))))))))))))))))))!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1
Julian HansenCommented:
You are welcome.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Development

From novice to tech pro — start learning today.