[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[users@httpd] HSTS and double redirect

Hello Users, I was testing my website here https://hstspreload.org and I received this error:

Error: HTTP redirects to www first

http://example (HTTP) should immediately redirect to https://example (HTTPS) before adding the www subdomain. Right now, the first redirect is to https://www.example. The extra redirect is required to ensure that any browser which supports HSTS will record the HSTS entry for the top level domain, not just the subdomain.

As far as I can understand, the redirect, to be valid, should be done this way:

  1. http://example (this is what the user enters in the address bar)
  2. https://example (first redirect, to HTTPS)
  3. https://www.example (second redirect, to subdomain www)

At the moment, this is my htaccess code causing the redirect (the htaccess is the ONLY thing I can edit because I'm in a very restrictive shared hosting environment):

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Is it possible to insert another redirect here? Is it advisable? How could I do?

Thanks anybody