Moz Pro Warning: Redirect Chain
-
I have just signed up to a Moz Pro account, and after it finished crawling my website it gave me a warning about a redirection chain.
http://elementpaints.com >> https://elementpIaints.com >> https://www.elementpaints.com
I'm trying to find some more information about how to fix this problem but I'm not having much luck.
This article I found even says it is not a problem: https://really-simple-ssl.com/knowledge-base/avoid-landing-page-redirects
So now I'm even more confused, do I still need to fix this? If so, how do I do that?
FYI: I have Lets Encrypt SSL cert installed on my server, and I'm using Cloudflare with Full SSL option and HSTS enabled, and "Always Use HTTPS" option is turned on.
-
Thanks for such a detailed reply!
It has helped me a ton with figure that out.
I'm just going to leave the redirect in place
-
tl:dr leave things as they are
This is one of those cases where the ever-changing web makes it hard for the automated tools to keep up, Ben. It's always been best practice to have both the www and non-www version of pages redirect to the canonical HTTPS version in a single hop.
But then the advent of HSTS threw a bit of a wrench into the works, specifically with respect to the HSTS Preload list created by Google and now used by other browsers as well. Just implementing HSTS isn't the main issue, but if you then submit the site for inclusion on the Preload list, the browser is going to care that the HTTPS redirect come first, then the redirect to the correct canonical (www or non-www) version happens after. This is because the Preload list basically commands the browser ahead of time "if you're not directed to the HTTPS connection first, refuse to connect at all".
Current best practice is to run your site under HTTPS with HSTS set for a short TTL for a period of time to insure all is working well. Then when you're sure all is performing as expected, you lengthen the TTL setting out to a year a more ( by adjusting the HSTS header settings), and request submission to the preload list.
The reason you want to do this in stages is that it's very hard to go backwards. Once a browser has received a long-TTL HSTS header or you're on the preload list, it can take a very long time (many months) to try to step back from the HTTPS settings if you encounter a problem, leaving your site full of errors & security warnings. (This can happen with sites that discover unfixable mixed content issues after migrating to HTTPS, for example, such as a real estate site finding out their property listing tools don't support HTTPS yet, a case that came up in another Q&A question just a short time ago)
Bottom line, if you're going to take the final sensible step in the process by getting added to the HSTS Preload list, you're going to want to leave the settings as is and not worry about the extra redirect. Unless there's a significant server issue, the extra redirect will only add milliseconds, and using HSTS and getting added to the preload list actually reduces the server calls by at least one, so will offset the redirect.
Whew! Sorry to be long-winded, but wanted to provide the background so you could understand the reason for the contradictions you are encountering.
Paul
P.S. As long you make sure all links under your control are using the proper canonical HTTPS URLs (especially internal site links - rewrite them in the database, don't make a plugin handle them), only a very small portion of visitors are ever likely to experience the extra redirect anyway.
-
Ah! Sorry about that - I'm not familiar with the best practices with regards to redirects. If you believe that everything is ok, you always have the option to ignore the issue.
Alternatively, perhaps one of our SEO / Web experts on our forum could provide some more specific feedback (more than I can, in any case! ) with regards to this issue.
Let me know if you have any other questions!
Eli
-
Hi Eli,
Thanks for the help.
I'm ok with understanding about how redirection works, and I understand what the suggestion is telling me to do, I'm just unsure about to fix the problem.
Also after researching it seems that redirecting from non secure (http://example.com) to a secure URL (htts://example.com) and then to the www version (https://www.example.com) is standard practice, so it's seems strange that I am told this is an issue. See here: https://really-simple-ssl.com/knowledge-base/avoid-landing-page-redirects
Thanks,
Ben -
Hey!
Thanks for reaching out to us!
Let's say you had three URLs - URL A, B and C. URL A redirects to URL B, which redirects again to URL C. You'd want to remove the redirects for URL B in the middle, so that URL redirects straight to URL C.
For example, you'd want to have http://elementpaints.com redirect directly to https://www.elementpaints.com, likely via a 301 permanent redirect, without including https://elementpIaints.com in the middle.
This minimises moving parts and would fix that redirect chain.
Unfortunately I am not a web developer so I would recommend checking with your website administrator that this is the best move in your case, each site is slightly different and I definitely don't want to point you down the wrong track.
Have a great day!
Eli
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Moz Free
hello guys, is there any way to use Moz free or any well-known company who would like to give me Moz login at a very cheap price. if anyone knows then please guide me shortly. Thanks With Regards, Abert sin.
Getting Started | | seochris172 -
When I crawl my site On Moz it says it can't access the robots.txt file, but crawl is fine on SEM Rush - Anyone know any reason for this?
Hi guys, When I try to run a site crawl on Moz it returns an error saying that it has failed due to an error with the robots.txt file. However, my site can be crawled by SEM Rush with no mention of problems with roots.txt file issues. My developer has looked into it and insists their is no problem with my robots.txt and I've tried the Moz crawl at least 6 times over an 8 week period. Has anyone ever seen such a large discrepancy between Moz and SEM Rush or have any ideas why Moz has this issue with my site?? TIA everyone
Getting Started | | Webreviewadmin0 -
Setting up Moz Pro campaign for a subfolder
Hi, I'm just setting up my first campaign and would like some advice please. I have a website and also within it a a number of pages in a sub folder. These are technically a different business to the main website and I would like to track them separately in Moz so they can have their own keyword lists and competitors etc. How do I do this? Do I set up two separate campaigns www.site.com
Getting Started | | craigramsay
www.site.com/subfolder I understand the first one might still report on the subfolder but I guess I could just ignore this. Thanks0 -
Moz scraper
How often do you Moz do whatever it is they do for me to get up-to-date data?
Getting Started | | infinety0 -
Does anyone know where I can find the Moz Video explaining how to use the Craw Diagnostic Feature? Thank!
I am starting to use the craw diagnostics(specifically duplicate content) and I know there was a very helpful tutorial video i saw earlier but I cant seem to find it now
Getting Started | | John-Francis0 -
My website does not allow all crawler to crawl, Now my question is that whether i need to give permission to moz crawler if yes then whaat is moz bot name?
My website does not permit all crawler to crawl website. Whether ii need to give permission to moz bot to crawl website or not? If yes what is the moz bot name?
Getting Started | | irteam0 -
Why Moz New Users Are Left Alone?
New users when sign up to an application like Moz need concrete support to make them familiarized the basics at least, but Moz seems to be not realizing this hardship of the new users or intentionally ignoring it. There is no chat service or phone numbers to quickly contact the designated agent for some quick help. Mail responses that are received after much time have their limitations -- not much interactive. What the new users should do, because the Moz is not that simple for new users. [edited question for formatting]
Getting Started | | Sequelmed1 -
How do get Moz to spider a Development site PRE LAUNCH?
Hi, Does anyone know how we could get Moz to browse a development site before launch? But without Google and other engines indexing it? Thanks
Getting Started | | bjs20100