Moz Pro Warning: Redirect Chain
-
I have just signed up to a Moz Pro account, and after it finished crawling my website it gave me a warning about a redirection chain.
http://elementpaints.com >> https://elementpIaints.com >> https://www.elementpaints.com
I'm trying to find some more information about how to fix this problem but I'm not having much luck.
This article I found even says it is not a problem: https://really-simple-ssl.com/knowledge-base/avoid-landing-page-redirects
So now I'm even more confused, do I still need to fix this? If so, how do I do that?
FYI: I have Lets Encrypt SSL cert installed on my server, and I'm using Cloudflare with Full SSL option and HSTS enabled, and "Always Use HTTPS" option is turned on.
-
Thanks for such a detailed reply!
It has helped me a ton with figure that out.
I'm just going to leave the redirect in place
-
tl:dr leave things as they are
This is one of those cases where the ever-changing web makes it hard for the automated tools to keep up, Ben. It's always been best practice to have both the www and non-www version of pages redirect to the canonical HTTPS version in a single hop.
But then the advent of HSTS threw a bit of a wrench into the works, specifically with respect to the HSTS Preload list created by Google and now used by other browsers as well. Just implementing HSTS isn't the main issue, but if you then submit the site for inclusion on the Preload list, the browser is going to care that the HTTPS redirect come first, then the redirect to the correct canonical (www or non-www) version happens after. This is because the Preload list basically commands the browser ahead of time "if you're not directed to the HTTPS connection first, refuse to connect at all".
Current best practice is to run your site under HTTPS with HSTS set for a short TTL for a period of time to insure all is working well. Then when you're sure all is performing as expected, you lengthen the TTL setting out to a year a more ( by adjusting the HSTS header settings), and request submission to the preload list.
The reason you want to do this in stages is that it's very hard to go backwards. Once a browser has received a long-TTL HSTS header or you're on the preload list, it can take a very long time (many months) to try to step back from the HTTPS settings if you encounter a problem, leaving your site full of errors & security warnings. (This can happen with sites that discover unfixable mixed content issues after migrating to HTTPS, for example, such as a real estate site finding out their property listing tools don't support HTTPS yet, a case that came up in another Q&A question just a short time ago)
Bottom line, if you're going to take the final sensible step in the process by getting added to the HSTS Preload list, you're going to want to leave the settings as is and not worry about the extra redirect. Unless there's a significant server issue, the extra redirect will only add milliseconds, and using HSTS and getting added to the preload list actually reduces the server calls by at least one, so will offset the redirect.
Whew! Sorry to be long-winded, but wanted to provide the background so you could understand the reason for the contradictions you are encountering.
Paul
P.S. As long you make sure all links under your control are using the proper canonical HTTPS URLs (especially internal site links - rewrite them in the database, don't make a plugin handle them), only a very small portion of visitors are ever likely to experience the extra redirect anyway.
-
Ah! Sorry about that - I'm not familiar with the best practices with regards to redirects. If you believe that everything is ok, you always have the option to ignore the issue.
Alternatively, perhaps one of our SEO / Web experts on our forum could provide some more specific feedback (more than I can, in any case! ) with regards to this issue.
Let me know if you have any other questions!
Eli
-
Hi Eli,
Thanks for the help.
I'm ok with understanding about how redirection works, and I understand what the suggestion is telling me to do, I'm just unsure about to fix the problem.
Also after researching it seems that redirecting from non secure (http://example.com) to a secure URL (htts://example.com) and then to the www version (https://www.example.com) is standard practice, so it's seems strange that I am told this is an issue. See here: https://really-simple-ssl.com/knowledge-base/avoid-landing-page-redirects
Thanks,
Ben -
Hey!
Thanks for reaching out to us!
Let's say you had three URLs - URL A, B and C. URL A redirects to URL B, which redirects again to URL C. You'd want to remove the redirects for URL B in the middle, so that URL redirects straight to URL C.
For example, you'd want to have http://elementpaints.com redirect directly to https://www.elementpaints.com, likely via a 301 permanent redirect, without including https://elementpIaints.com in the middle.
This minimises moving parts and would fix that redirect chain.
Unfortunately I am not a web developer so I would recommend checking with your website administrator that this is the best move in your case, each site is slightly different and I definitely don't want to point you down the wrong track.
Have a great day!
Eli
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Unsolved If you had to prioritize Moz features for those just getting started, what would be your top three?
If you had to prioritize Moz features for those just getting started, what would be your top three? I have my own thoughts here, but I am keen to hear what other Mozers believe.
Getting Started | | CAYK0 -
Moz can't crawl my site.
Moz cannot carry out the site crawl on my online shop. Not really sure what the issue is, it has no problem getting onto my site when you use www. before the address, but it needs to be able to access bluerinsevintage.co.uk Stuck as what to do, we are a shopify store. Anyone else had this problem, or know what i need to change so they can crawl the site? thjis is the page they are getting when trying to get on bluerinsevintage.co.uk but if they use www.bluerinsevintage.co.uk the site comes up.
Getting Started | | bluerinsevintage
Adam
0 -
Remove moz team conversation bubble
That little notification bubble on the bottom right corner of my account has finally gotten well beyond the point of irritation. Is there any way that I can permanently disable this?
Getting Started | | cslattery1 -
MOZ Removes WWW
I just signed up for Moz... Created my campaign. I'm noticing Moz is removing the www* from my domain. When they do analysis its wrong. when i go to google and type site:www.domain.com i have 350,000 + pages. MOZ is telling me i have 1,277 pages because its getting the external links by using *domain.com and not www.domain.com how do i force MOZ to read my domain as www.domain.com and not *.domain.com
Getting Started | | CarlosJaa0 -
Need to Add Moz code?
Do i need to add tracking code in my website, for Moz tool to analyze my website. Please someone let me know.
Getting Started | | TOBOC0 -
MOZ cannot connect to GA
As I went thru the process of setting up my campaign, MOZ could not connect to my GA account. Any idea why?
Getting Started | | selectlocks0
