Redirect for SEO and Security



In this lesson, we'll redirect all traffic to a primary domain over HTTPS, which is a best practice for security and SEO. For example, if you choose www.example.com as your primary domain, a visitor who types example.com (or any other domain you have connected to your site) into their browser will end up on https://www.example.com.

Note

Make sure HTTPS has been successfully provisioned before adding any code (like the sample below) that will redirect traffic to HTTPS.

  1. Navigate to Code in the Dev tab of your Site Dashboard. Confirm your Connection Mode is set to SFTP.
  2. Click SFTP Connection Info to access the credentials for connecting with your preferred SFTP client.
  3. Click Open in your default SFTP client, and enter your User Dashboard password when prompted.

    If you run into issues, please refer to this documentation.

  4. Now open the code folder in your SFTP client, and download your site's settings.php (Drupal) or wp-config.php (WordPress) file.

  5. Edit your configuration file by adding the snippet below for the desired redirect (replace www.example.com):

    For WordPress, add the following to wp-config.php (replace www.example.com):

    if (isset($_ENV['PANTHEON_ENVIRONMENT']) && php_sapi_name() != 'cli') {
      // Redirect to https://$primary_domain in the Live environment
      if ($_ENV['PANTHEON_ENVIRONMENT'] === 'live') {
        /** Replace www.example.com with your registered domain name */
        $primary_domain = 'www.example.com';
      }
      else {
        // Redirect to HTTPS on every Pantheon environment.
        $primary_domain = $_SERVER['HTTP_HOST'];
      }
    
      if ($_SERVER['HTTP_HOST'] != $primary_domain
          || !isset($_SERVER['HTTP_USER_AGENT_HTTPS'])
          || $_SERVER['HTTP_USER_AGENT_HTTPS'] != 'ON' ) {
    
        # Name transaction "redirect" in New Relic for improved reporting (optional)
        if (extension_loaded('newrelic')) {
          newrelic_name_transaction("redirect");
        }
    
        header('HTTP/1.0 301 Moved Permanently');
        header('Location: https://'. $primary_domain . $_SERVER['REQUEST_URI']);
        exit();
      }
    }

    For Drupal 8, add the following to the end of your settings.php file; it also sets trusted host patterns (replace www.example.com):

    if (isset($_ENV['PANTHEON_ENVIRONMENT']) && php_sapi_name() != 'cli') {
      // Redirect to https://$primary_domain in the Live environment
      if ($_ENV['PANTHEON_ENVIRONMENT'] === 'live') {
        /** Replace www.example.com with your registered domain name */
        $primary_domain = 'www.example.com';
      }
      else {
        // Redirect to HTTPS on every Pantheon environment.
        $primary_domain = $_SERVER['HTTP_HOST'];
      }
    
      if ($_SERVER['HTTP_HOST'] != $primary_domain
          || !isset($_SERVER['HTTP_USER_AGENT_HTTPS'])
          || $_SERVER['HTTP_USER_AGENT_HTTPS'] != 'ON' ) {
    
        # Name transaction "redirect" in New Relic for improved reporting (optional)
        if (extension_loaded('newrelic')) {
          newrelic_name_transaction("redirect");
        }
    
        header('HTTP/1.0 301 Moved Permanently');
        header('Location: https://'. $primary_domain . $_SERVER['REQUEST_URI']);
        exit();
      }
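      // Drupal 8 Trusted Host Settings
      // Outside Live, $primary_domain is the request's own Host header, so this
      // pattern only restricts which hosts Drupal accepts in the Live environment.
      if (is_array($settings)) {
        $settings['trusted_host_patterns'] = array('^'. preg_quote($primary_domain) .'$');
      }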
    }

    Add the following to the end of your settings.php file (replace www.example.com):

    if (isset($_ENV['PANTHEON_ENVIRONMENT']) && php_sapi_name() != 'cli') {
      // Redirect to https://$primary_domain in the Live environment
      if ($_ENV['PANTHEON_ENVIRONMENT'] === 'live') {
        /** Replace www.example.com with your registered domain name */
        $primary_domain = 'www.example.com';
      }
      else {
        // Redirect to HTTPS on every Pantheon environment.
        $primary_domain = $_SERVER['HTTP_HOST'];
      }
    
      if ($_SERVER['HTTP_HOST'] != $primary_domain
          || !isset($_SERVER['HTTP_USER_AGENT_HTTPS'])
          || $_SERVER['HTTP_USER_AGENT_HTTPS'] != 'ON' ) {
    
        # Name transaction "redirect" in New Relic for improved reporting (optional)
        if (extension_loaded('newrelic')) {
          newrelic_name_transaction("redirect");
        }
    
        header('HTTP/1.0 301 Moved Permanently');
        header('Location: https://'. $primary_domain . $_SERVER['REQUEST_URI']);
        exit();
      }
    }

  6. Upload the configuration file to Pantheon using your SFTP client.

  7. Return to the Dev tab of your Pantheon Site Dashboard. The files you just changed will be highlighted in yellow.

  8. Add a commit message, then click Commit to add these files to your Dev environment.

  9. Deploy your changes to the Test environment and then up to the Live environment.

  10. Navigate to the Live environment and click Visit Live Site to test the redirect logic.
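
To check step 10 for every domain variant rather than by hand, the script below audits each redirect response for a single 301 hop to https://www.example.com with the path and query string preserved. It is an added example, not Pantheon's code; the names audit, probe and audit_site, the path /blog/?p=1 and the sample responses are constructed for illustration.

```python
import http.client
from urllib.parse import urlsplit

PRIMARY = "www.example.com"  # assumption: the primary domain chosen in step 5


def audit(status, location, path, primary=PRIMARY):
    """Return the problems with one redirect response; an empty list means it passes."""
    problems = []
    if status != 301:
        problems.append(f"status {status}, expected 301")
    if not location:
        return problems + ["no Location header"]
    target, asked = urlsplit(location), urlsplit(path)
    if target.scheme != "https":
        problems.append(f"scheme {target.scheme!r}, expected 'https'")
    if target.hostname != primary:
        problems.append(f"host {target.hostname!r}, expected {primary!r}")
    if (target.path or "/", target.query) != (asked.path or "/", asked.query):
        problems.append("path or query string not preserved")
    return problems


def probe(scheme, host, path):
    """Live fetch of one URL without following redirects: (status, Location)."""
    https = scheme == "https"
    conn = (http.client.HTTPSConnection if https else http.client.HTTPConnection)(host, timeout=10)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def audit_site(variants, path="/blog/?p=1", fetch=probe):
    """Audit each (scheme, host) variant that should land on the primary domain."""
    return {f"{s}://{h}{path}": audit(*fetch(s, h, path), path) for s, h in variants}


# Constructed responses standing in for live fetches, so the example runs offline.
SAMPLE = {
    ("http", "example.com"): (301, "https://www.example.com/blog/?p=1"),
    ("https", "example.com"): (302, "https://www.example.com/blog/?p=1"),
    ("http", "www.example.com"): (301, "https://example.com/blog/?p=1"),
}

if __name__ == "__main__":
    report = audit_site(SAMPLE, fetch=lambda s, h, p: SAMPLE[(s, h)])
    for url, problems in report.items():
        print(url, "OK" if not problems else "; ".join(problems))
```

To probe real domains, call audit_site with a list of (scheme, host) pairs and leave fetch at its default.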

Ready to launch like the pros?

Now that you're redirecting requests to a single, primary domain, it's the perfect time to set up an availability monitoring service to watch over it like an automated hawk.

Send an HSTS Header for Increased Security

Install a plugin or module to prevent cookie hijacking and get an A+ rating from SSL Labs.

Set Up Availability Monitoring

New Relic provides a free availability monitoring service that sends a request to designated URLs from configured locations at given intervals and alerts you via email when a response fails.