ecommunlimited Posted December 26, 2016 Share Posted December 26, 2016 Hello all, I have a full ssl site front and back. My site is listed with google, bing and others as an https domain. The sitemaps I turned in have the https protocol for all links. Is it necessary to have a redirect rule in the .htaccess file for http to https. If so, should it be permanent, temporary or just a plain redirect? The reason I ask is because I don't want google or the others to be confused when they see the the https protocol for all links in my sitemaps and yet have a redirect rule for http to https. Take care Bill Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 26, 2016 Share Posted December 26, 2016 The redirect is for old links, not new ones. Let's say you have a thousand links listed with google. If some were added before your site went full ssl and they haven't looked at the pages yet, then they need to be told to change that. Or maybe someone posted a link to your site on a blog using http. The search engines might follow it. So, yes, you should have that in the ,htaccess file if the site was ever live without being full ssl. The redirect won't cause any problems for the search engines. I suggest you check for sitemap errors in your google search console (webmaster tools) since that would show if there are problems with the links. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
MrPhil Posted December 26, 2016 Share Posted December 26, 2016 Yes it is necessary to have an HTTP to HTTPS redirect, as Jack said, to take care of old links in the outside world -- not just SE indexes being updated, but also links that customers and bloggers have. Although, most customers will probably never update their bookmarks/favorites entries, so for a very long time you will still see incoming HTTP requests. It should be a 301 permanent redirect, as your site has permanently changed organization. If Google comes in on HTTPS, they'll never see the HTTP->HTTPS redirect rule, because it won't fire. If they come in on HTTP, they will see the redirection (request is bounced back with the new URL and a 301 status code), but there should be very little if any penalty for it (and short-lived). Link to comment Share on other sites More sharing options...
ecommunlimited Posted December 26, 2016 Author Share Posted December 26, 2016 @@Jack_mcs @@MrPhil What you both have said makes good sense. It didn't cross my mind about customers and blogs. Jack I have checked and there isn't any sitemap errors. Would this be an acceptable rewrite rule? RewriteEngine onRewriteCond %{HTTPS} offRewriteRule ^(.*)$ https://my-domain-name.com/$1 [R=301,L] Take care Bill Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 26, 2016 Share Posted December 26, 2016 Yes, that will work. But, for SEO purposes, I suggest RewriteEngine on RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^www\.domain-name\.com ]NC] RewriteRule ^(.*)$ https://my-domain-na...om/$1 [R=301,L] Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
ArtcoInc Posted December 26, 2016 Share Posted December 26, 2016 I currently have 2 redirects in my .htaccess file ... One to add the www. in front of the URL, and the second to redirect to the /catalog subdirectory. I now want to add a third to add the https to the beginning of the url (currently commented out below) ... RewriteEngine on #First rewrite any request to the wrong domain to use the correct one (here www.) RewriteCond %{HTTP_HOST} !^www\. RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] #Then, rewrite to /catalog RewriteCond %{REQUEST_URI} !^/catalog [NC] RewriteRule ^(.*)$ /catalog/$1 [L] #Now, rewrite to HTTPS: #RewriteCond %{HTTPS} off #RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] However, gtmetrix.com is already giving me an 'F' score for 'Avoid landing page redirects' for the two existing redirects. Is there a way to include all three into a single redirect? Malcolm Link to comment Share on other sites More sharing options...
ecommunlimited Posted December 26, 2016 Author Share Posted December 26, 2016 @@Jack_mcs Thank you, I appreciate the time you took to help me. Same goes for @@MrPhil. This is the redirect rule I had written for the www: RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [QSA,NC,L] It redirects to https://my-domain.com/ Will that still work for SEO? Take care Bill Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 26, 2016 Share Posted December 26, 2016 @@ArtcoInc It is fine the way you have it. Redirects add to the total time it takes for a page to load so GTMetrix is saying you could avoid that if possible. But you need the redirects so removing them isn't an option. You can combine two of them like this RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^www\.domain-name\.com/catalog/ ]NC] RewriteRule ^(.*)$ https://my-domain-na...om/catalog/$1 [R=301,L] Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 26, 2016 Share Posted December 26, 2016 @@ecommunlimited I think that is OK. I suggest testing it with a url like www.domain_name/index.php?cPath=1. The idea is to tell the search engines to only use the one form of the url, www or not www. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
MrPhil Posted December 26, 2016 Share Posted December 26, 2016 What happens when someone comes in with http://www.domain.com -> RewriteCond https off AND www. -> RewriteRule output https://domain.com http://domain.com -> RewriteCond https off AND no www. -> RewriteRule output https://domain.com https://www.domain.com -> RewriteCond https on AND www. -> RewriteRule output https://domain.com That's only one 301 issued, and one round trip to the browser. Link to comment Share on other sites More sharing options...
ArtcoInc Posted December 26, 2016 Share Posted December 26, 2016 @@MrPhil What happens when someone comes in with http://www.domain.com -> RewriteCond https off AND www. -> RewriteRule output https://domain.com http://domain.com -> RewriteCond https off AND no www. -> RewriteRule output https://domain.com https://www.domain.com -> RewriteCond https on AND www. -> RewriteRule output https://domain.com That's only one 301 issued, and one round trip to the browser. Can the addition of the /catalog sub-directory redirect be included? Or, would that make 6 possible combinations to test for? Malcolm Link to comment Share on other sites More sharing options...
ecommunlimited Posted December 26, 2016 Author Share Posted December 26, 2016 @@Jack_mcs @@MrPhil I tried this as Jack suggested: http://www.my-domain.com/index.php?cPath=1 It redirects to this: https://my-domain.com/index.php?cPath=1 Also tried this: http://my-domain.com And it redirects to this: https://my-domain.com I'm using two separate redirects. This is how my conditions and rules are written: RewriteEngine onRewriteCond %{HTTPS} offRewriteRule ^(.*)$ https://my-domain.com/$1[R=301,L] RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [QSA,NC,L] In my case, all seems to work correctly. Take care Bill Link to comment Share on other sites More sharing options...
ArtcoInc Posted December 26, 2016 Share Posted December 26, 2016 So, is it better to use the .htaccess file to redirect to the /catalog sub-directory, or to include an index.php file in the root directory to call the /catalog/index.php file? Malcolm Link to comment Share on other sites More sharing options...
♥kymation Posted December 26, 2016 Share Posted December 26, 2016 @@ArtcoInc Neither. The best way to handle this (if you only have osCommerce installed and want it to be at the root of your site) is to point your URL to the catalog directory. This removes any problems with redirects that might occur for various reasons. If you don't want to do that, the .htaccess is your best bet. Google hates HTML redirects. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
MrPhil Posted December 26, 2016 Share Posted December 26, 2016 Can the addition of the /catalog sub-directory redirect be included? Or, would that make 6 possible combinations to test for? Rewriting from / to /catalog should be a silent redirect (200), not a 301, and done after the 301's. Therefore, it would not be seen by Google (except possibly as a "soft 404"). It's best to install your shop into /shop or /catalog, unless you are absolutely 100% cross your heart hope to die confident that you will never install any other applications on this site, and that you're bright enough to keep track of what are system/host provided files and what came with osC. In its own directory, you can be sure that osC will never step on other applications, and vice-versa (e.g., WordPress having to pass through osCommerce's .htaccess first, or osCommerce having to pass through WordPress's .htaccess). The root .htaccess can then simply be common stuff like www/no-www, and always https. With only osCommerce installed, you do an .htaccess rewrite (200) from / to /shop to seamlessly transfer visitors to your root over to your shop. Later, when you add another application, you can install a "splash page" with links to your various applications (and remove the / to /shop rewrite). Deep links into the store will always be /catalog, so they won't be invalidated. Link to comment Share on other sites More sharing options...
ArtcoInc Posted December 26, 2016 Share Posted December 26, 2016 @@MrPhil So, if I use @@Jack_mcs 's code (to add the .www and add the https) for the initial 301 redirect ... #First rewrite any request to the wrong domain to use the correct one (here www.) #And, rewrite to HTTPS: RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^www\.domain-name\.com/catalog/ ]NC] RewriteRule ^(.*)$ https://my-domain-name.com/catalog/$1 [R=301,L] (do I need to include the www. in line three above? Remember, I am trying to ADD the www. if it isn't included) *THEN*, I add something like this after it .. #Then, rewrite to /catalog RewriteCond %{REQUEST_URI} !^/catalog [NC] RewriteRule ^(.*)$ /catalog/$1 [L] Thank you! Malcolm Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 27, 2016 Share Posted December 27, 2016 @@MrPhil Rewriting from / to /catalog should be a silent redirect (200), not a 301, and done after the 301's. Therefore, it would not be seen by Google (except possibly as a "soft 404"). It shouldn't be hidden from the search engines. If they end up in the root and are redirected to another location, they might consider that a problem. It is something hackers do quite frequently. I'm sure the search engines are smart enough to figure out it is a legitimate redirect but I prefer not to poke the bear when it isn't necessary. :) Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
MrPhil Posted December 27, 2016 Share Posted December 27, 2016 So, if I use @@Jack_mcs 's code (to add the .www and add the https) for the initial 301 redirect ... #First rewrite any request to the wrong domain to use the correct one (here www.) #And, rewrite to HTTPS: RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^www\.domain-name\.com/catalog/ ]NC] RewriteRule ^(.*)$ https://my-domain-name.com/catalog/$1 [R=301,L](do I need to include the www. in line three above? Remember, I am trying to ADD the www. if it isn't included) Jack's code removes the www. If you want to add www, you would remove "www\." from the RewriteCond and change "my-domain-name" to "www.domain-name" in the RewriteRule. I'm also not sure that "/catalog/" will be seen in HTTP_HOST. At least, I've never seen it used that way. Also, this code works to remove www. only if the incoming URL is http. It should not work if it's already https. Jack, have you tested this code and confirmed it works? *THEN*, I add something like this after it .. #Then, rewrite to /catalog RewriteCond %{REQUEST_URI} !^/catalog [NC] RewriteRule ^(.*)$ /catalog/$1 [L] That should work to silently rewrite / to /catalog. Link to comment Share on other sites More sharing options...
MrPhil Posted December 27, 2016 Share Posted December 27, 2016 It shouldn't be hidden from the search engines. If they end up in the root and are redirected to another location, they might consider that a problem. It is something hackers do quite frequently. I'm sure the search engines are smart enough to figure out it is a legitimate redirect but I prefer not to poke the bear when it isn't necessary. :) Such things are done all the time in the name of SEO/SEF. I have heard complaints that it's treated as a soft 404, but never that it caused major problems. If it does, Google is in a lot of trouble. Besides, if it's a silent 200 rewrite (not redirect), the search engine should not see that the URI has changed. How can it? Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 27, 2016 Share Posted December 27, 2016 @@MrPhil Jack, have you tested this code and confirmed it works? No, I didn't. If I had a shop where it was in a subdirectory, I would just use individual pairs of statements to accomplish the redirect. What I posted was to try to combine them. I think it should work but I doubt that it is worth the bother. Such things are done all the time in the name of SEO/SEF. I have heard complaints that it's treated as a soft 404, but never that it caused major problems. If it does, Google is in a lot of trouble. Besides, if it's a silent 200 rewrite (not redirect), the search engine should not see that the URI has changed. How can it? Both Ultimate SEO and SEO 5 return 301's, unless that option is turned off. And, you are correct, soft 404's won't cause a problem. But that isn't what was mentioned. Redirecting from the root directory to a subdirectory is different. I think I mentioned somewhere above that if this is a new shop it won't matter. But if this is a shop with links that go to the root directory, google will follow those links to check the pages. When they are redirected and not told to change their link with a 301, it can become suspect to them. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
ArtcoInc Posted December 27, 2016 Share Posted December 27, 2016 @@MrPhil Would this work? RewriteEngine On # add www and turn on https in same rule RewriteCond %{HTTP_HOST} !^www\. [NC,OR] RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC] RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE] #Then, rewrite to /catalog RewriteCond %{REQUEST_URI} !^/catalog/ [NC] RewriteRule ^(.*)$ /catalog/$1 [L] Malcolm Link to comment Share on other sites More sharing options...
ArtcoInc Posted December 27, 2016 Share Posted December 27, 2016 I just noticed that I have this in the .htaccess file in the root directory ... RewriteEngine on RedirectMatch ^/$ /catalog/ And this is my current .htaccess file in the /catalog directory ... RewriteEngine on #First rewrite any request to the wrong domain to use the correct one (here www.) RewriteCond %{HTTP_HOST} !^www\. RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] #Then, rewrite to /catalog RewriteCond %{REQUEST_URI} !^/catalog [NC] RewriteRule ^(.*)$ /catalog/$1 [L] #Now, rewrite to HTTPS: #RewriteCond %{HTTPS} off #RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] Is that a redirect in the root directory file? If so, do I need the redirect from / to /catalog in both places? Can/should the redirects that are currently in the .htaccess file in the /catalog directory be moved to the .htaccess file in the root directory? And if so, what happens if a user actually types in the URL including the /catalog directory (either without the .www (needed for the SSL certificate) or without the https)? Thanks! Malcolm Link to comment Share on other sites More sharing options...
MrPhil Posted December 27, 2016 Share Posted December 27, 2016 It makes no sense to rewrite to /catalog when you're already in /catalog! Note that "/catalog" won't be seen in the URI when you're already in /catalog. I'm kind of surprised that you didn't get into a loop. You would have the rewrite to /catalog only in the root .htaccess. Unless there is some reason that you want a non-www domain for other parts of your site, or https only for the shop, those should be moved into the root .htaccess. Note that if you redirect non-www to www with http:, and then http: to https: (both 301s), you'll get two separate 301 redirects. That is inefficient (slow) and search engines may slap you. But it's legal, if it's easier for you to keep them as separate rules. I haven't looked into it, but I think it may be possible to omit the [L] flag, and at the end of the 301 section, do a test of the current status flag to see if it's 301, and if so, do just one combined redirect. Has anyone tried this sort of thing before? There's a reason that .htaccess and rewriting/redirecting are considered voodoo! /catalog/.htaccess should contain entries only applicable to osCommerce, such as SEO handling. Entries common to the whole site (add/remove www, force https, move / to /catalog, etc.) would go in the root. I also recommend doing 301s first, and 200s after, so the visitor doesn't see the /catalog jump on any of the 301s. Link to comment Share on other sites More sharing options...
ArtcoInc Posted January 4, 2017 Share Posted January 4, 2017 @@MrPhil It makes no sense to rewrite to /catalog when you're already in /catalog! Note that "/catalog" won't be seen in the URI when you're already in /catalog. I'm kind of surprised that you didn't get into a loop. You would have the rewrite to /catalog only in the root .htaccess. I *think* that this says ... #Then, rewrite to /catalog RewriteCond %{REQUEST_URI} !^/catalog [NC] RewriteRule ^(.*)$ /catalog/$1 [L] *If* you are not in /catalog, redirect to /catalog. Since this is *in* /catalog, the IF condition is not met, and hence no looping. I *think* :wacko: But, I agree ... this can/should be dropped from the .htaccess file *within* the /catalog directory. Unless there is some reason that you want a non-www domain for other parts of your site, or https only for the shop, those should be moved into the root .htaccess. Note that if you redirect non-www to www with http:, and then http: to https: (both 301s), you'll get two separate 301 redirects. That is inefficient (slow) and search engines may slap you. But it's legal, if it's easier for you to keep them as separate rules. I haven't looked into it, but I think it may be possible to omit the [L] flag, and at the end of the 301 section, do a test of the current status flag to see if it's 301, and if so, do just one combined redirect. Has anyone tried this sort of thing before? There's a reason that .htaccess and rewriting/redirecting are considered voodoo! /catalog/.htaccess should contain entries only applicable to osCommerce, such as SEO handling. Entries common to the whole site (add/remove www, force https, move / to /catalog, etc.) would go in the root. I also recommend doing 301s first, and 200s after, so the visitor doesn't see the /catalog jump on any of the 301s. While I have no currently plans to have anything else under this domain, to my mind, it makes sense to have the addition of the www. to the URL (needed for the SSL certificate) and the https: in the .htaccess file in the /catalog directory, so that anything I add to the domain in another directory besides the /catalog directory can have it's own control. But, I'm willing to be wrong :- Malcolm Link to comment Share on other sites More sharing options...
MrPhil Posted January 5, 2017 Share Posted January 5, 2017 Well, maybe I could have worded that a little more clearly. My point was that if you're already in /catalog, what is the point of rewriting to send you to /catalog? If the intent is to redirect a visitor to / to /catalog, that would belong in the root .htaccess. Since you already have something similar to that there, the one in /catalog/.htaccess would seem to be redundant. %{REQUEST_URI} seems to be an odd fellow... at least in my testing, it seems to be what you would see in /.htaccess, even when in a deeper directory (i.e., the first part of the path doesn't get trimmed off, unlike what's fed to the RewriteRule's pattern matching). I'm not sure now whether it gets updated during rewriting (I would think it would). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.