48
votes
Accepted
What happens if you don't set cache-control header?
If there is no Cache-Control header and no Expires header, but there is a Last-Modified header (which most web servers send by default for static assets), most browsers will use heuristic freshness to ...
- 4,524
34
votes
What is the need of methods like GET and POST in the HTTP protocol?
Please note the question has changed/been clarified since this answer was first written. A further response to the latest iteration of the question is after the second horizontal rule
What is the ...
- 521
24
votes
Accepted
HTTP Status Code: Respond with 101 or 301?
The correct status code to use here is without a doubt 301 Moved Permanently.
101 Switching Protocols is an internal status code that a server generally uses to automatically negotiate certain types ...
- 16.5k
14
votes
prefer (don't force) https but allow http on Linux (html, or wordpress)
I'm not usually the one to advocate for designing a site with quirks for specific browsers, but in this niche case I think it might be helpful to figure out which specific browsers these stragglers ...
- 16.5k
13
votes
What is the need of methods like GET and POST in the HTTP protocol?
HTTP can be thought of as one specific case of generic principles of Remote Procedure Call: you tell the server what you want with some variable field in the request, the server responds accordingly. ...
- 266
12
votes
How to avoid SSL warnings about certificate not for the current site when redirecting alternate domains?
Cloudflare is a free solution for redirecting your alternate domains with HTTPS support. Here are detailed instructions for setting it up:
Visit Cloudflare
Create an account and verify your email ...
- 99.9k
12
votes
HTTP Status Code: Respond with 101 or 301?
No - 101 Switching Protocols is not appropriate for redirecting to HTTPS, as this status indicates that the current connection should be upgraded to the new protocol, whereas a redirect instructs the ...
- 221
8
votes
Accepted
Forwarding a GoDaddy domain, but HTTPS requests are not forwarding
Godaddy's forwarding services have problems and shouldn't be used:
GoDaddy's 301 redirect/forwarding has some weird random middleman URL, kills link juice?
They don't support HTTPS
One way to solve ...
- 99.9k
7
votes
What is the need of methods like GET and POST in the HTTP protocol?
From my personal point-of-view as a developer, it can make creating API endpoints much easier. For instance if I write a controller that manages products on a website I can use the same URL to do ...
6
votes
Accepted
Is a PHP POST using cURL from HTTPS site to HTTP endpoint encrypted securely?
Short answer: no, it is not encrypted.
The only thing that matters is the URL you are using to send content, what happened before is irrelevant.
If you are sending your content to an HTTP URL then ...
- 8,620
6
votes
Accepted
HTTP webpage is showing "Not Secure" in Chrome
This is a move to make the web more secure. Additionally, it protects all visitors to your site. The long-term solution is to implement SSL on your website(s), as all websites will eventually need to ...
- 1,254
6
votes
What is the need of methods like GET and POST in the HTTP protocol?
What is the need of methods like GET and POST in the HTTP protocol?
It seems that you forgot the old days when HTTP servers were there just to serve files; not running script, CGI, or making dynamic ...
6
votes
Accepted
What headers used in request by google bot?
if ($_SERVER['HTTP_CACHE_CONTROL'] == 'no-cache') {
Also bear in mind that the Cache-Control HTTP request header (as with most request headers) are entirely optional, so may not be present as part of ...
- 43.3k
6
votes
Accepted
What browser is Mozilla/5.0 (Linux; Android 10; SM-A202F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.120 Mobile Safari/537.36?
Below is the syntax for the User Agent header:
User-Agent: Mozilla/5.0 (<system-information>) <platform> (<platform-details>) <extensions>
In your case we have.
Mozilla/5.0 (...
- 6,670
5
votes
Proper status code for language redirection (301, 302, … 307)?
For users either a 302 or 307 redirect is fine. The only practical difference between those and a 301 redirect is caching. Browsers cache a 301 redirect. If the user changes their browser language ...
- 99.9k
5
votes
Accepted
HTTP2 is enabled and working, but PHP $_SERVER['SERVER_PROTOCOL'] still says "HTTP/1.1"
This has to do with how Cloudflare connects to servers. Although it does serve the client via HTTP2 (or HTTP3), it still connects to the server itself via HTTP1.1.
Cloudflare only uses HTTP/1.x ...
- 545
5
votes
Accepted
Redirecting bare domain to www doesn't when specifying http/https scheme
Namecheap does not offer HTTPS for redirects. It would be better to implement the redirect at your hosting company so that they can do HTTPS for the redirect. This page has instructions about half ...
- 99.9k
5
votes
Can a use a masked redirect from an alternate domain using the HTTPS of the main domain?
No. Not the way you describe it. Masking is marketing speak for embedding a site within another site (using an iframe), and its a questionable practice at best. The takeaway point is that the http ...
- 8,579
4
votes
Accepted
How to redirect example.com to http://example.com?
Google Chrome (and possibly other browsers) hide the http:// part in the browser address bar, but it is there. If your site is accessible on example.com then you are accessing it at http://example.com/...
- 4,524
4
votes
How does browser know which HTTP method like GET,POST etc to use?
In short, context.
Type a keyword that isn't a URL into the browser's search bar? Send a GET request to the default search engine with that keyword.
Type a URL into the browser's search bar? Send a ...
- 141
4
votes
Is there any way to remove mixed content warning from my blogger website after adding affiliate banners?
As browsers are more and more frowning upon such cases the only real solution is to make sure that all the content is served over HTTPS (more precisely: if the page is served over HTTPS then ...
- 8,620
4
votes
Force HTTP to HTTPS except one page accessed via HTTP
I agree with Stephen's comment: HTTPS will not break the QR code itself.
There might be some hosting reasons to keep your QR-encoded URL untouched. I guess you may want to avoid any HTTPS issue (old ...
- 616
4
votes
Accepted
"Insufficient HTTPS Coverage" in Google Search Console... for pages that are being redirected to HTTPS
This message means that Google doesn't have enough "field data" collected from users of your website to give you page experience information.
On Twitter Google's John Mueller says that this ...
- 99.9k
4
votes
Accepted
Would text references to unsafe (http) urls negatively affect SEO?
An HTTP anchor itself is not "unsafe content". And Google will not penalise you for this, as the following article states, quoting Google's John Mueller (24-Feb-2020):
Q: Can it be ...
- 43.3k
4
votes
prefer (don't force) https but allow http on Linux (html, or wordpress)
I agree with @MaximillianLaumeister answer - this answer just fleshes out some nuances and expands on his answer.
From the traffic I see, stuff talking on port 80 on my server is bot traffic - ...
- 8,579
4
votes
The Internet Archive's Wayback Machine thinks all my Web site's pages are unreachable: why?
I'm not sure, but may be it's because the Internet Archive is trying to access your site with https. I've tried another http site, and it has been transformed to https. And as your site is not ...
- 41
3
votes
Accepted
When redirecting HTTP to HTTPS, which URLs should be in the sitemaps?
Google says that your sitemap should only contain the version of the URLs you want indexed. So you should take all your redirecting HTTP URLs out of your sitemap and replace them with your canonical ...
- 99.9k
3
votes
Nginx fails to start HTTP/2 server due to error: unknown log format
The main reason for the failure was that I had explicitly commented out log_format main.
Configuring Access Logs in Nginx
Under Nginx, all client requests to the server are recorded in the access log ...
- 331
3
votes
Accepted
Site works ok on HTTP, not on HTTPS
The problem that you have is because you have not abled AllowOverride All within the SSL virtual host which allows the use of .htaccess which I suspect contains the URL rewrite rules and conditions.
...
- 33.1k
3
votes
What is the need of methods like GET and POST in the HTTP protocol?
It is true in theory we could use get all over the place and it would sort of work. Some software even use GET with request body(I'm looking at you elasticsearch/kibana). This of course is a horrible ...
Only top scored, non community-wiki answers of a minimum length are eligible