301 and 302 redirections (server-type redirections) are preferable for SEO. These are redirections visible to users, not hidden. This means visitors will see the URL change in their browser.
This differs from frame redirection, which is hidden and not visible to visitors. This means visitors will see the exact URL they entered in their browser, while they are actually on a different page. Moreover, as its name suggests, Frame Redirection does not redirect to a specific web page but displays a frame of it.
Definitions:
• 301 Redirection: A 301 redirection is a permanent redirection. If you move a page on your site permanently and definitively, you must use a 301 redirection. Search engines interpret this redirection correctly and automatically update their index by replacing the old URL with the new one. This is perfect for the SEO of your site and pages. It is a redirection visible to visitors who will therefore see the URL change in their browser.
• 302 Redirection: A 302 redirection is a temporary redirection. If temporarily a page, directory, or even a website is inaccessible (for maintenance, for example), it may be useful and interesting to temporarily set a 302 redirection to another page (or another site) until the issue is resolved or maintenance is complete. In this case, you should always use a 302 type redirection. It is a redirection visible to visitors who will therefore see the URL change in their browser.
• Frame Redirection or Frame: Frame Redirection is a hidden redirection, not visible to visitors, unlike the two previous types. This means your visitors will see the exact URL they entered in their browser while in reality they are visiting another URL; the address bar continues to display the initially entered address, not redirected. Moreover, as its name indicates, Frame Redirection does not redirect to a specific web page but displays a frame of it. It is important to note that this type of redirection does not allow proper SEO of your site. The same content being found on two distinct URLs constitutes duplicate content. Search engines will then choose one URL over another, without you being able to choose, which may not be your preference for your site's SEO.
Search engines interpret the 301 redirection correctly and automatically update their index by replacing the old URL with the new one. That said, it may take several weeks before this is taken into account.
Search engines do not all interpret 302 redirection in the same way. Generally, they do not remove the redirected page from their index; however, they associate the characteristics of the original page with the target page. This can have unfortunate consequences since a malicious webmaster can set up a 302 redirection on their site to a popular page, wait for search engines to consider that the two URLs correspond to the same page, then remove the redirection to set up a standard page, sometimes benefiting from the PageRank and backlinks (incoming links) of the "hijacked" page.
This "page hijacking" problem is well known by SEO experts and search engines. Since summer 2005, Yahoo has used a workaround by considering that a 302 redirection between two pages of different domains must be interpreted as a 301 redirection (which removes all interest for hijackers).
Many webmasters use 302 redirections thinking they are doing the right thing, while they should use a 301 redirection. This is the case, for example, with many directories, which instead of making "hard" links to listed sites (a hard link is a classic link and not a redirection), make 302 redirections. There are sometimes confusions on some search engines between the redirection page on the directory and that of the listed site (in search results, the URL of the directory site can replace that of the listed site).
(Source: webrankinfo.com)
Configuration on the BrandShelter Portal via DNS
You can easily set up these 3 types of redirections on your SafeBrands Client Portal from your domain's DNS configuration (Domains tab > Portfolio > relevant domain > DNS).
Click on "New resource record" > Select the record type "Web redirection" > then choose the desired redirection type "301 permanent", "302 temporary", or "Frame".
More information: Configure a URL web redirect
On a hosting server
You can use this article to configure your 301 redirects on your hosting server, but we encourage you to contact your hosting provider if needed.
Configure a 301 Redirection via PHP (index.php)
To configure a 301 redirection to another URL via an index.php file, you must have a hosting server and follow this procedure. This article explains how to create a 301 web redirection (permanent redirection) from one URL to another URL.
The redirection to another URL is done very simply by using a server instruction (or PHP directive) to insert into an index.php file. This procedure is done in 2 steps:
Create the index.php file
Add the PHP redirection instructions
Below you will find all the detailed explanations for creating a permanent 301 redirection via an index.php file. This procedure can only be applied on a hosting server.
1. Create the index.php file:
The server instruction (more commonly called directive) allows you to define the web redirection you want, via an index.php file.
Create an index.php file (if it does not already exist) in the "httpdocs" folder of your file manager on your web hosting, then proceed to step 2.
NB: if an index.html file already exists, simply delete it, or rename it for example to index.html.old if you want to keep it.
2. Implement / enter the instructions for the redirection in PHP:
You must click on the index.php file you just created at step 1 in the "httpdocs" directory of the domain for which you want to define the redirection.
This opens the code editor.
Delete any predefined code elements, and enter your lines based on the following example models, replacing the example URL ("https://www.exemple.net/repertoire/page.php" or "https://domaine.com") with the URL of your choice (http://example.com):
Example 1:
<?php
header("Status: 301 Moved Permanently", false, 301);
header("Location: https://www.exemple.net/repertoire/page.php");
exit();
?>
Example 2:
<?
header ("HTTP/1.1 301 Moved Permanently");
header ("Location: https://domaine.com");
header ("Connection: close");
?>
Example 3:
<?php
header ("Status: 301 Moved Permanently", false, 301);
header ("Location: https://domaine.com");
exit();
?>
That’s it, the redirection is complete!
Configure a 301 Redirection via .htaccess
The .htaccess files provide a method to modify the server configuration at the directory level.
To configure a 301 redirection to another URL via a .htaccess file, you must have a hosting server and follow this procedure. This article explains how to create a 301 web redirection (permanent redirection) from one URL to another URL.
The redirection to another URL is done very simply by using a server instruction (or Apache directive) to insert into a .htaccess file. This procedure is done in 2 steps:
Create the .htaccess file
Implement the .htaccess file
Below you will find all the detailed explanations for creating a permanent 301 redirection via a .htaccess file. This procedure can only be applied on a hosting server.
1. Create the .htaccess file:
The server instruction (more commonly called directive) Apache Redirect allows you to define the web redirection you want, via a .htaccess file.
Create a .htaccess file (if it does not already exist) at the root directory of your hosting account, then enter the following:
Step 1
Open a text editor (such as Notepad, TextEdit, GNU nano, etc.).
Step 2
Copy the code below into the text editor (or use the text editor to edit the file directly in your Plesk or cPanel hosting space):
Redirect 301 / https://www.domain.com/Note: https://www.domain.com/ should be replaced by your target (sub)domain. For example: https://domain.com or https://example.domain.com
Another possibility / example:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Note: {HTTP_HOST} should be replaced by your target (sub)domain. For example: domain.com or example.domain.com
This is an example of code for the server instruction (Apache directive) to implement in your .htaccess file, but you can of course edit it or use code of your choice, depending on your specific needs.
Step 3
Save the file and name it: ".htaccess".
NB: On Windows, the Notepad application may not allow you to use the name .htaccess. In this case, save it under another name and rename it using the file explorer.
2. Implement the .htaccess file:
You must put the .htaccess file created in the directory where you want to define the redirection. To redirect your domain and all associated URLs, add the .htaccess file to the root of your site.
Transfer your files using an FTP client (FileZilla, WinSCP...).
Or use the Plesk or cPanel File Manager.
You can also define and modify an access control password for directories of the hosting using the .htaccess file.
Use a .htpasswd file to set up a username and password (see below the section Protect a directory with a password for more info).
NB: If a .htaccess file already exists in the root directory of your hosting space, retrieve it and add the desired code to the content of the existing file.
Learn more about the .htaccess file and its management - Apache HTTP Server Tutorial: .htaccess files: https://httpd.apache.org/docs/2.4/fr/howto/htaccess.html
Best Practice for 301 Web Redirection: Redirect HTTP to HTTPS
Here is what you want to do:
http://domain.tld/ → https://domain.tld/
http://www.domain.tld/ → https://domain.tld/
https://www.domain.tld/ → https://domain.tld/
Use the code below:
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://domain.tld/%{REQUEST_URI} [R=301,L,NE]
or another possibility:
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The condition %{HTTPS} !=on means "the URL is requested without the HTTPS protocol". You can also test RewriteCond %{HTTPS} off as in the first example.
Note: On some servers/hosts, this variable does not work. You then have to use the port number, knowing that HTTP is on port 80 and HTTPS is on port 443.
You can then try to use the following codes:
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteEngine on
RewriteCond %{REQUEST_SCHEME} =http
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
In summary, with this domain example.com, to redirect:
http://example.com to https://example.com
AND http://www.example.com to https://example.com
AND https://www.example.com to https://example.com
The following code:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L,NE]
Redirect Visitors from One Website to Another (URL a to URL b)
To go further than the previous redirection, you can redirect visitors coming from URL a to another URL b.
Here is the code to use:
#Redirect visitors from one URL to another URL
RewriteEngine on
RewriteCond %{HTTP_REFERER} sitesource\.com/
RewriteRule ^(.*)$ http://www.sitedestination.com [R=301,L]
or
#Redirect to another website without reference to HTTP and the original site (301 HTTP > HTTPS redirections already in place elsewhere)
RewriteEngine on
RewriteRule ^ https://sitedestination.com%{REQUEST_URI} [R=301,L,NE]
Replace the source site and the destination site with those of your choice.
The final NE flag is necessary to pass elements such as GET parameters and similar to the new URI which remains unchanged.
For more details: http://httpd.apache.org/docs/2.4/rewrite/flags.html
Protect a Directory with a Password
This is one of the most useful applications of the .htaccess file as it allows you to securely define (using a login and password) access rights to files for certain users. The syntax is as follows:
AuthUserFile {location of the password file}
AuthGroupFile {location of the group file}
AuthName "Protected Access"
AuthType Basic
Require valid-user
The command AuthUserFile allows you to define the location of the file containing the usernames and passwords of users authorised to access a given resource.
The command AuthGroupFile allows you to define the location of the file containing the user groups authorised to authenticate. It is possible to override this declaration by declaring the following file: /dev/null.
Here is an example of a .htaccess file:
ErrorDocument 403 https://developers.google.com/open-source/gci/help/403
AuthUserFile /directory/of/your/file/.PasswordFile
AuthGroupFile /dev/null
AuthName "Secure access to the CCM site"
AuthType Basic
Require valid-user
The password file is a text file that must contain on each of its lines the name of each user followed by a colon (:), then the encrypted password (recommended solution) or in clear text (not recommended).
Here is an example of an unencrypted password file (here .PasswordFile)
Hercule_user1:Tata503
Robert_user2:Thor(38)
Charles_user3:Joe_le-Taxi]
Here is the same file containing encrypted passwords:
Hercule_user1:$apr1$Si0.....$teyL5Y7BR4cHj0sX309Jj0
Robert_user2:$apr1$TD1.....$sfPTHjoufoNsda4HsD1oL0
Charles_user3:$apr1$zF1.....$wYKqRu2aVYlAEQnxVkly8.
.PasswordFile is a simple text file containing user names followed by a colon and then the encrypted (or not) password of that user. This password file should not be placed in a web-accessible directory (but how else to do it if you do not have your own web server and your site is hosted by a third party?). Furthermore, precautions should be taken to mix uppercase, lowercase, numbers and symbols in the file name.
Encrypt Passwords
Apache provides a tool to easily generate encrypted passwords (both on Windows and Unix), it is the htpasswd utility accessible in the Apache bin subdirectory.
The syntax of this utility is as follows:
• To create a new password file:
htpasswd -c {path to password file} user
• To add a new user/password to an existing file:
htpasswd {path to password file} userThe password will be requested on the command line with confirmation.
Here is an example:
htpasswd -c /www/secure/.htpasswd Hercule_user1
This utility allows you to easily encrypt your passwords online: http://www.htaccesstools.com/htpasswd-generator/
Useful Links - More Information and Support:
• Generation tool (.htaccess Generator): https://www.htaccessredirect.net/
• Testing tool (.htaccess tester): https://htaccess.madewithlove.com/
• Stack Overflow / Best Practice: 301 Redirect HTTP to HTTPS (Standard Domain): https://stackoverflow.com/questions/29029049/best-practice-301-redirect-http-to-https-standard-domain
• Learn more about the .htaccess file and its management - Apache HTTP Server Tutorial: .htaccess files: https://httpd.apache.org/docs/current/fr/howto/htaccess.html
• Configure and Test your web redirections and HTTP(S) responses: https://www.redirection-web.net/redirection-301.php
• How to make a permanent 301 redirection via .htaccess? (with copyable examples): https://www.leptidigital.fr/webmarketing/seo/comment-faire-redirection-301-htaccess-exemples-13824/
• Google Search and URL redirections: https://developers.google.com/search/docs/crawling-indexing/301-redirects?hl=fr
• Malekal - Create an NGINX redirect: https://www.malekal.com/nginx-faire-une-redirection-301-302-http-vers-https-url/
If you want more details on all types of redirections and how to implement them, we invite you to consult the articles from Webrankinfo dedicated to this topic:
• Redirect Tutorial - The guide to redirections for SEO
• Different types of redirections
• HTTP - HTTPS Redirections