Moz Pro Warning: Redirect Chain
-
I have just signed up to a Moz Pro account, and after it finished crawling my website it gave me a warning about a redirection chain.
http://elementpaints.com >> https://elementpIaints.com >> https://www.elementpaints.com
I'm trying to find some more information about how to fix this problem but I'm not having much luck.
This article I found even says it is not a problem: https://really-simple-ssl.com/knowledge-base/avoid-landing-page-redirects
So now I'm even more confused, do I still need to fix this? If so, how do I do that?
FYI: I have Lets Encrypt SSL cert installed on my server, and I'm using Cloudflare with Full SSL option and HSTS enabled, and "Always Use HTTPS" option is turned on.
-
Thanks for such a detailed reply!
It has helped me a ton with figure that out.
I'm just going to leave the redirect in place
-
tl:dr leave things as they are
This is one of those cases where the ever-changing web makes it hard for the automated tools to keep up, Ben. It's always been best practice to have both the www and non-www version of pages redirect to the canonical HTTPS version in a single hop.
But then the advent of HSTS threw a bit of a wrench into the works, specifically with respect to the HSTS Preload list created by Google and now used by other browsers as well. Just implementing HSTS isn't the main issue, but if you then submit the site for inclusion on the Preload list, the browser is going to care that the HTTPS redirect come first, then the redirect to the correct canonical (www or non-www) version happens after. This is because the Preload list basically commands the browser ahead of time "if you're not directed to the HTTPS connection first, refuse to connect at all".
Current best practice is to run your site under HTTPS with HSTS set for a short TTL for a period of time to insure all is working well. Then when you're sure all is performing as expected, you lengthen the TTL setting out to a year a more ( by adjusting the HSTS header settings), and request submission to the preload list.
The reason you want to do this in stages is that it's very hard to go backwards. Once a browser has received a long-TTL HSTS header or you're on the preload list, it can take a very long time (many months) to try to step back from the HTTPS settings if you encounter a problem, leaving your site full of errors & security warnings. (This can happen with sites that discover unfixable mixed content issues after migrating to HTTPS, for example, such as a real estate site finding out their property listing tools don't support HTTPS yet, a case that came up in another Q&A question just a short time ago)
Bottom line, if you're going to take the final sensible step in the process by getting added to the HSTS Preload list, you're going to want to leave the settings as is and not worry about the extra redirect. Unless there's a significant server issue, the extra redirect will only add milliseconds, and using HSTS and getting added to the preload list actually reduces the server calls by at least one, so will offset the redirect.
Whew! Sorry to be long-winded, but wanted to provide the background so you could understand the reason for the contradictions you are encountering.
Paul
P.S. As long you make sure all links under your control are using the proper canonical HTTPS URLs (especially internal site links - rewrite them in the database, don't make a plugin handle them), only a very small portion of visitors are ever likely to experience the extra redirect anyway.
-
Ah! Sorry about that - I'm not familiar with the best practices with regards to redirects. If you believe that everything is ok, you always have the option to ignore the issue.
Alternatively, perhaps one of our SEO / Web experts on our forum could provide some more specific feedback (more than I can, in any case! ) with regards to this issue.
Let me know if you have any other questions!
Eli
-
Hi Eli,
Thanks for the help.
I'm ok with understanding about how redirection works, and I understand what the suggestion is telling me to do, I'm just unsure about to fix the problem.
Also after researching it seems that redirecting from non secure (http://example.com) to a secure URL (htts://example.com) and then to the www version (https://www.example.com) is standard practice, so it's seems strange that I am told this is an issue. See here: https://really-simple-ssl.com/knowledge-base/avoid-landing-page-redirects
Thanks,
Ben -
Hey!
Thanks for reaching out to us!
Let's say you had three URLs - URL A, B and C. URL A redirects to URL B, which redirects again to URL C. You'd want to remove the redirects for URL B in the middle, so that URL redirects straight to URL C.
For example, you'd want to have http://elementpaints.com redirect directly to https://www.elementpaints.com, likely via a 301 permanent redirect, without including https://elementpIaints.com in the middle.
This minimises moving parts and would fix that redirect chain.
Unfortunately I am not a web developer so I would recommend checking with your website administrator that this is the best move in your case, each site is slightly different and I definitely don't want to point you down the wrong track.
Have a great day!
Eli
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Unsolved Is there anyway to cancel moz local?
Is there anyway to cancel moz local? I can not figure it out. I've tried for hours now.
Getting Started | | SouthBayWebs0 -
Canonical url does not seem to be recognised by Moz
Hey guys, forgive me... brand new user of Moz. Moz is telling me I have duplicate url's - a lot of them. Investigating I see that it is classing http://creativedigital.co.nz/artprints/lake-tekapo-church-of-the-good-shepherd?tag=lake as a duplicate of http://creativedigital.co.nz/artprints/lake-tekapo-church-of-the-good-shepherd even though there is a canonical tag in head as follows I'm not quite sure what I am doing wrong. Any advice would really be appreciated 🙂 Mike
Getting Started | | creative.digital0 -
Correct Moz Settings for Tracked Keywords Summary
Hi,For some reason, on my tracked keywords summary page, the URL shown to the right of each keyword appears to default to my homepage and not the page I want that keyword to rank on. How do I resolve this? I've tried looking around but can't see how to change it so that the correct URL is shown against the correct keyword. Many thanks! Bob
Getting Started | | SushiUK0 -
Moz Analytics Campaign Landing Pages Update
Moz, Any ideas why i am not seeing my landing pages information in my analytics campaign yet ?, It has been a couple of days, i have reconnected my analytics, i have built up the keyword list a little more, But i only get page data from clicking 'Include pages with no tracked keywords' but still no keyword data, Am i miss understanding how this tool works or is there something else i need to setup ? Thanks James
Getting Started | | Antony_Towle1 -
Moz Analytics - Custom Report Question
Hello Moz Forums! I'm having problems building custom reports for my clients. So, i've managed to put together a few reports and I've set these to be scheduled for weekly automated emailing! Now, here's the problem, before sending it to my clients, I was testing this by sending it to myself. This is what I receive: http://www.freelance-seo.co.uk/images/Moz.png I don't really want my clients to see 'By Moz!' everywhere when I send this out, is there a way to change this automated mail? Or a way to just just send the PDF without a link? Alternatively, have I just failed in using this product? Edit: Just to clarify! The 'simply change your report settings' option, just takes me to an option to edit the report title, not the email in any way.
Getting Started | | Paul_Tovey0 -
Is there a difference between Moz Pro and Moz Analytics?
I thought that Moz Analytics was now included with Moz Pro. Is this true? I have Moz Pro and I was using the beta version of Moz Analytics back in October. When I log into Moz Analytics, the latest data stops at October 27th and there is no data after that. Is that an indication of when my trial period ended? I have the basic Moz Pro, does that include Analytics portion? Thanks!
Getting Started | | Symmetri0
