How to Troubleshoot Http to Https Redirects
Making certain that you redirect Http:// to Https:// correctly is very important.
Because you want Google to correctly understand that there is exactly one official version of your content.
If you have SSL set up so that you can go to your site using Https:// (meaning that your site is secure and communication is encrypted) then it’s in your best interest (and your visitor's interest) that all traffic with your pages is secure.
To do that you have to make certain that the Http:// version of your pages are redirecting permanently to your Https:// version of your pages.
Notice that I said “permanently” above.
With the HTTP protocol, there are various status codes, without getting into all the technical BS, just understand that there are multiple ways to redirect.
Some are considered temporary – You might use that to redirect to a temporary page while you are fixing some stuff on your permanent page, for example.
A permanent redirect tells Google and everyone else that the page that was there has been moved forever to a new place.
This is called a 301 redirect because the status code that the server sends back is the code 301.
Do I Have a Problem with My Redirects from Http:// to Https://?
Let’s find out!
Go to this site: http://redirectcheck.com
Enter your URL, I’m going to use my own as an example.
I know, it’s too long, that was a mistake because, well, I’m no more perfect than you are.
I don't want to change it now because it's indexed, otherwise I'd have to redirect that page I denoted above to another page with a different URL, and I just don't feel like doing that.
Getting back to the point, I used Http at the front of the URL so that the tool is going to attempt to go to my NON-secure (Http) version of that URL.
Here are the results:
Notice the "HTTP/1.1 301 Moved Permanently" followed by the exact same URL but with the Https:// instead of the Http:// at the front.
The server side redirect Http:// to Https:// was successful.
Now let’s look at another site that I think may have a problem as I write this.
Let’s look at
Here are the results:
Notice that it shows no redirect, and instead shows that the status is simply HTTP/1.1 200 OK.
That tells me that there is no server-side redirect occurring even though I know that this domain has a secure socket layer (SSL) installed.
So, if this is my site, or rather, my URL I know I have some more work to do.
Another Strategy that CAN Indicate a Problem is to Use Google
Using the sample domain from above, you can do a “site search” in Google to see what’s coming up in the results.
Go to Google and enter: site:holistichealthhacks.net
As of this writing what I see is:
Notice that throughout the results (I’ve put a red box around two examples) there is a combination of both Https:// and Http:// (indicated by nothing to the left of the domain).
This can indicate a problem, though it should not be the only test you use because sometimes Google takes a while to reflect new realities.
You can tell for certain by clicking on each link and making sure that it is showing the word “Secure” in the address bar (in Chrome).
The example on the right is what you want.
If you click on the Https:// version of a link, you likely will get what is pictured above on the right.
If you click on the Http:// (non-secure) you’ll get what is pictured above on the left.
Unless things are set up right, in which case you should get the right-hand picture.
But there’s one more hurdle you have to get through to make sure you’re looking at reality in your Chrome browser.
But When I Go To My Site it Always Shows the Https:// Version!
This could be that things are working right, or it could be a “feature” of the Chrome web browser.
Chrome has taken it upon itself to make sure it always does a redirect for you (and only you – not your visitors) if it’s aware of an Https:// version of your site.
Check out Google Chrome Redirect Http to Https - HSTS to find how to stop Google Chrome from automatically redirecting on your computer for a single domain (yours).
You Can Use this Opportunity to Test Your Google Webmaster Tools Console
Another thing that you want to make certain is that your Google Webmaster Tools Console is set up correctly.
It is generally advised that you want to have all the versions of the primary domain combinations set up in your console.
In the example I used above, you would want to make certain that the following were all registered with Google Webmaster Tools.
To do this use the instructions from Google.
In my opinion, even though Google says to register both www versions of your domain and non-www versions of your domain, I typically just make sure that www always redirects to the non-www (or the reverse if you prefer the www version of your site) on my server.
However, Google themselves are telling you what they recommend - so you do what feels right.
Once you’ve gone through this process, make certain you choose your preferred domain in Google Webmaster Tools Console.
That tells Google which domain version is the authoritative version of your domain.
It also means that Google will redirect you if, for some reason, the other versions end up in its index.
Let’s bring this back to the topic at hand.
In the case of our sample domain, it seems like this would be the preferred domain: https://holistichealthhacks.net
Notice that it is the Https:// version without the www sub-domain.
How to Fix the Problem When Your Site Doesn’t Redirect from Http:// to Https://
If you have access to your .htaccess file and know what you are doing you can fix it yourself.
However, if you do not know what you are doing you should consider calling your hosting provider and asking them for help, even if it costs you some cash.
It’s that important!
The following examples are using our example domain from above (holistichealthhacks.net).
In order to fix it yourself in your .htaccess file you need to make sure the following lines are in place:
If you wanted to only force a specific domain then you’d use something like:
What this is telling the server to do is to take any requests for http://holistichealthhacks.com and redirect them to https://holistichealthhacks.com.
Notice I linked one of those and did NOT link the other (the non-secure). That's because I don't want to add to her problems, always try to link to Https external links when available.
Chances are you already have a .htaccess file and some of those lines are already in there, the above is only an example and you should only add the lines that are missing.
Again, do not do this if you are not sure of what you are doing!
A mistake here can cause your entire site to go offline!
I Hope this has Helped You Overcome Your Redirect Http:// to Https:// Issue
Redirection issues can be a pain, but it’s a necessary pain because doing it right means that you only have one piece of authoritative content.
It helps so that all your links credit one page, and only one page.
It also helps to ensure that Google doesn’t get confused by thinking you have duplicate content.
Be Fearless, and Engage!
Let me know if you have any questions regarding when you redirect Http:// to Https://.
What challenges have you had around redirecting requests to your pages?