Tag: HTTP Status Codes

Redirect to https using URL Rewrite

There's always been reasons for pages to be served using https rather than http, such as login pages, payment screens etc. Now more than ever it's become advisable to have entire sites running in https. Server speeds have increased to a level where the extra processing involved in encrypting page content is less of a concern, and Google now also gives a boost to a pages page ranking in Google (not necessarily significant, but every little helps).

If all your pages work in https and http you'll also need to make sure one does a redirect to the other, otherwise rather than getting the tiny page rank boost from Google, you'll be suffering from having duplicate pages on your site.

Redirecting to https with URL Rewrite

To set up a rule to redirect all pages from is relatively simple, just add the following to your IIS URL Rewrite rules.

<rule name="Redirect to HTTPS" stopProcessing="true">
<conditions>
  <add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>

The conditions will ensure any page not on https will be caught and the redirect will do a 301 to the same page but on https.

301 Moved Permanently or 303 See Other

I've seen some posts/examples and discussions surrounding if the redirect type should be a 301 or a 303 when you redirect to https.

Personally I would choose 301 Moved Permanently as you want search engines etc to all update and point to the new url. You've decided that your url from now on should be https, it's not a temporary redirection and you want any link ranking to be transfered to the new url.

Excluding some URL's

There's every chance you don't actually want every url to redirect to https. You may have a specific folder that can be accessed on either for compatibility with some other "thing". This can be accomplished by adding a match rule that is negated. e.g.

<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="images" negate="true" />
<conditions>
  <add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>

In this example any url with the word images in would be excluded from the rewrite rule.

Creating a custom 404 Page in Sitecore

Nobody wants to see the standard Sitecore 404 page. Thankfully it's really easy to change the error pages a user is redirected to through some config settings.

Your error pages can be pages in Sitecore or static HTML files. For 404 pages I would normally use a Sitecore page, that way content authors can still manage its content. For an Error Page I would recommend a static html file to avoid issues with the Error page potentially error-ing.

Add these to a patch file and update the urls accordingly:

<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/">
<sitecore>
  <settings>
    <!--  ITEM NOT FOUND HANDLER
          Url of page handling 'Item not found' errors
    -->
    <setting name="ItemNotFoundUrl">
      <patch:attribute name="value">/ErrorPages/404.html</patch:attribute>
    </setting>
    <!--  LINK ITEM NOT FOUND HANDLER
          Url of page handling 'Link item not found' errors
    -->
    <setting name="LinkItemNotFoundUrl">
      <patch:attribute name="value">/ErrorPages/404.html</patch:attribute>
    </setting>
    <!--  LAYOUT NOT FOUND HANDLER
          Url of page handling 'Layout not found' errors
    -->
    <setting name="LayoutNotFoundUrl">
      <patch:attribute name="value">/ErrorPages/404.html</patch:attribute>
    </setting>
    <!--  ERROR HANDLER
          Url of page handling generic errors
    -->
     <setting name="ErrorPage">
      <patch:attribute name="value">/ErrorPages/Error.html</patch:attribute>
    </setting>
  </settings>
</sitecore>
</configuration>

These settings are already defined in the web.config file and changing them here will have the same effect, but I recommend adding patch config files as it will make your solution easier to update in the future.