Google: You Should Redirect HTTP Even With HSTS Configured

Jul 19, 2018 - 7:36 am 4 by

Green Tech Google 1900px

Google's John Mueller said this morning on Reddit that even if you have HSTS (HTTP Strict Transport Security) which kind of by default forces a domain to go from HTTP to HTTPS, that you should still set up the 301 redirects from HTTP to HTTPS as well.

John said "Yes, always redirect if you can." He added:

HSTS is great to add on top of redirecting & HTTPS, but I'd recommend not doing that if you're just moving the site over for the first time. It's hard to roll back & fix issues, and you really need time to make sure that you have everything set up properly first. Take your time to get HTTPS right first, then think about the implications of HSTS.

So when migrating to HTTPS, first do redirects and then after a few months or so when everything is set you can set up HSTS, but no need to remove the redirects you set in place already.

Back in 2015, we reported that Google treats HSTS as a redirect of some sorts. But Google has warned folks about taking it slow with HSTS configurations in the past.

Hat tip to:

Forum discussion at Reddit.

 

Popular Categories

The Pulse of the search community

Search Video Recaps

 
- YouTube
Video Details More Videos Subscribe to Videos

Most Recent Articles

Search Forum Recap

Daily Search Forum Recap: December 17, 2024

Dec 17, 2024 - 10:00 am
Google Search Engine Optimization

Google Site Reputation Abuse: Treating Some Sites Within A Site

Dec 17, 2024 - 7:51 am
Google Search Engine Optimization

Google: Disavowing Toxic Links Is A Billable Waste Of Time

Dec 17, 2024 - 7:41 am
Google Search Engine Optimization

Google Adds Faceted Navigation To Help Documentation

Dec 17, 2024 - 7:31 am
Google Ads

New Google Merchant Center Promotion For First Order Discount

Dec 17, 2024 - 7:21 am
Other Search Engines

OpenAI Opens ChatGPT Search To All Logged In Users

Dec 17, 2024 - 7:11 am
Previous Story: Google Tests New Location Tab & Scores For Hotel Listings