Categories
Web Development

301 redirect requests lacking subdomain and/or https with htaccess

Part of the reason I set up this blog was as a dumping ground of things I learn, so I don’t need to do research from scratch in the future. In line with that theme is something that came up while setting up this very blog.

The Problem

I had just set up WordPress, selected the “www” sub-domain as canonical, and had my SSL certificate set up to support requests over HTTPS. The next step, naturally, is to 301 redirect to the https:// version with the “www” subdomain, i.e. https://www.midnightravings.com/. For anyone wondering why this is important, for SEO purposes you want to pick one version of site, with or without the “www.” pre-fix and stick to it consistently. Whether to settle on one version or another is a subject of some debate, but I decided to use the “www” version. With that decision made, I wanted to set up my redirects. At the time I set this up, I was hosting my site with Bluehost (affiliate link). Depending on who your hosting provider is, they might provide a human-friendly interface for doing this. In my case I have the following requirements from my product manager (a.k.a. myself):

  1. Requests without https:// get redirected to https://
  2. Requests without any sub-domain get redirected to the “www.” version
  3. The request URI must be preserved so the user’s request for a given page with certain parameters in the URL don’t get lost, i.e. http://midnightravings.com/somepage?somearg=1 must go to https://www.midnightravings.com/somepage?somearg=1
  4. Avoid all unnecessary redirects

If you’re wondering why I wanted a solution that would redirect requests without any sub-domain to the “www.”-prefixed domain instead of simply checking if the request doesn’t start with “www.”, it’s because I didn’t want to have to revisit this if I end up setting up other sub-domains in the future, e.g. api.midnightravings.com.

The reason I want to avoid unnecessary redirects is because:

  1. They slow down the load time of your site
  2. You lose about 10% domain authority per redirect (SEO)

This might seem like a trivial job for a lot of people, but I don’t play with Apache much anymore and that’s the only web server supported by Bluehost. Out of curiosity I tried using Bluehost’s supplied cPanel, but that added rules to my .htaccess file that didn’t meet all of my requirements.

The Solution

In the end, what worked for me was appending the following block into the root .htaccess for my project:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^midnightravings\.com$ [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

The first condition covers the cases where both https:// and www. are missing. The second condition will cover the cases where only https:// was omitted.

Of course, if anyone else wants to use this, make sure to replace “midnightravings\.com” with your own domain.

If there’s a more elegant way of achieving the same thing, I’d love to hear it in the comments.