#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0

    301 and 404 code on same page


    Hi, not sure if this goes in here or in other section.
    I have a redirection onpage as I had duplicate indexing http and https on some pages.

    so the pages starts like this:
    PHP Code:
    <?php header('Content-type: text/html; charset=utf-8'); 
    if (
    $_SERVER['SERVER_PORT'] == 443)
            {
                    
    $host $_SERVER['HTTP_HOST'];
                    
    $request_uri $_SERVER['REQUEST_URI'];
                    
    $good_url "http://" $host $request_uri;

                    
    header"HTTP/1.1 301 Moved Permanently" );
                    
    header"Location: $good_url);
                    exit;
            }
    ?>
    This works perfect, however I have a section with dynamic pages, and google have them indexed and I should serve a 404 for those pages.
    So to do so I added after the mysql query to get the content of page:
    PHP Code:
    else {
        
    header("HTTP/1.0 404 Not Found");
        exit;

    However cant get it to work with both the 301 and 404.
    With only the 404
    I get as a response HTTP/1.0 404 Not Found =>
    however if I also have the 301 I get a 400 error code.

    Is it possible to have both?
    also is there a way to get my customized 404 page and not a white page?
  2. #2
  3. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,068
    Rep Power
    9398

    Moved from Apache


    Yeah, it's a PHP thing. Not a problem.


    Are you trying to 301 and 404 at the same time? I don't think so but I want to rule that out right now. (It's not possible.)

    Originally Posted by newtonperri
    however if I also have the 301 I get a 400 error code.
    404?

    The code is fairly cut-and-dry: everything HTTPS gets redirected and there's no way the script continues executing after (where the 404 could have "overwritten" the 301 set earlier).

    Are you sure the redirect isn't happening and that you're not seeing the 404 coming from the redirected page?


    And for the record, you can more easily do the https->http redirect with mod_rewrite. Automatically and for every page on your site (PHP or not).
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0
    Originally Posted by requinix
    Yeah, it's a PHP thing. Not a problem.


    Are you trying to 301 and 404 at the same time? I don't think so but I want to rule that out right now. (It's not possible.)

    And for the record, you can more easily do the https->http redirect with mod_rewrite. Automatically and for every page on your site (PHP or not).
    Thanks,
    Not sure I explained myself,
    I had duplicated indexing in google for http and https on many pages, as I did not have any redirecting for them.
    So to solve this I added a 301 on every page.
    There are many pages that should be https and many that should be http.
    And it is a lot easier to have on page than have a lot of 301s in htacess. The site is in 3 languages.

    What I am trying to do is to redirect to https if enter http port and viceversa, and if page does not exist (mysql query) sirve a 404 error to browser, and if possible give user my 404 page.
    Suppose its not possible.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2006
    Posts
    40
    Rep Power
    9
    You can use htaccess to redirect all https to http and vice verser. you can use a htaccess redirect generator to do this, on the other way round, i will advice you use 301 redirects instead of 404 to redirects those pages.
  8. #5
  9. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,068
    Rep Power
    9398
    Don't worry, it's possible. I was just looking for clarification on how it's supposed to work and what you have so far.

    So it goes
    - If they're using http for an https page, redirect to https
    - If they're using https for an http page, redirect to http
    - If the page doesn't exist, serve a 404

    Then the code could look, structurally speaking, like
    PHP Code:
    <?php

    include "some file where you can put your common functions.php"// so they're not duplicated everywhere

    onlyAccessibleOver("http"); // or "https"

    /* then whatever you do to find the page information */
    if ($no_such_page) {
        
    noSuchPage();
    }

    // ...
    and
    PHP Code:
    // that common functions file

    function onlyAccessibleOver($how) {
        
    $current = (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] == "off" "http" "https");
        if (
    $how != $current) {
            
    header("HTTP/1.1 301 Moved Permanently");
            
    header("Location: {$how}://{$_SERVER["HTTP_HOST"]}{$_SERVER["REQUEST_URI"]}");
            exit;
        }
    }

    function 
    noSuchPage() {
        
    header("HTTP/1.1 404 Not Found");
        
    // whatever you have to do for a 404 page
        // (such as redirect, include() a 404 PHP script, or readfile() a static 404 page)
        
    exit;

    Re: redirecting with .htaccess
    If you can say fairly simply which pages are http and which are https, like "all pages are http except those under /account/ or /store/", then it's still easier to do the redirection with mod_rewrite. But if it really is difficult to say in a sentence or two, like you have a bunch of pages scattered everywhere with different requirements, then code would probably be easier to manage. Albeit quite repetitive.
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0
    Originally Posted by prince55l
    You can use htaccess to redirect all https to http and vice verser. you can use a htaccess redirect generator to do this, on the other way round, i will advice you use 301 redirects instead of 404 to redirects those pages.
    mm, good idea,
    I dont want all pages to be http or https, Im on a shared server and all https take resources as I heard, and I need https for some pages, about 60-70 pages, not sure.
    for seo purpose its not bad to redirect all deleted pages to homepage?
    So then its possible to have 2 redirects on the page?
    one for http and one if no result from database redirect to homepage?
    on httaccess there will be so many 301s, and adding others I already have.
    To use htaccess I would have to reorganize and move all those pages to folders so I prefer onpage.
    thanks
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0
    Originally Posted by requinix
    Don't worry, it's possible. I was just looking for clarification on how it's supposed to work and what you have so far.

    So it goes
    - If they're using http for an https page, redirect to https
    - If they're using https for an http page, redirect to http
    - If the page doesn't exist, serve a 404
    Thanks a lot, will try it tomorrow as it is nearly midnight here in spain, the food and wine......
    thousands of thanks,
    will let you know
  14. #8
  15. No Profile Picture
    Banned
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Location
    chennai
    Posts
    24
    Rep Power
    0
    This coding confuses me can u say with any easy example.
  16. #9
  17. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,068
    Rep Power
    9398
    Originally Posted by Peter james
    This coding confuses me can u say with any easy example.
    Prove to me you're a human and I'll explain it.
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0
    Puf, what a nightmare,
    Had several problems with duplicate indexing the http and https is only one of them.
    Loos like google have dropped the duplicated and have correctly http and https for each page, could be some left maybe.

    I just tried your code,
    and it works perfect, I get the static 404 page in an include, I get 404 in the header, if I enter with http I get the page and header 200, but if I enter https it does the redirection but I get as a header 400.
    Same as with my previous test with my code.
    My firebug does not work, so I used one online, thought was the checker and tried another one, the same.....
    I also tried normal pages with https and got 400 error but doing the redirection, I think I got 301 when I did the first time,
    so this is something the host have changed???
    I used seochats and webconfs

    The header for my homepage using https:
    HTTP/1.0 400 Bad Request =>
    Date => Sat, 08 Jun 2013 09:01:33 GMT
    Server => LiteSpeed
    Connection => close
    Cache-Control => private, no-cache, no-store, must-revalidate, max-age=0
    Pragma => no-cache
    Content-Type => text/html
    Content-Length => 362

    It does the redirection but sends an incorrect header
    I have contacted my host.
    Last edited by newtonperri; June 8th, 2013 at 06:17 AM.
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2006
    Posts
    40
    Rep Power
    9
    As you wait for your host responds, you should check this information on http 400 errror messages incase if the fix is from your end.
    http://pcsupport.about.com/od/findbyerrormessage/a/400error.htm
    http://www.checkupdown.com/status/E400.html
  22. #12
  23. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0
    Originally Posted by prince55l
    As you wait for your host responds, you should check this information on http 400 errror messages incase if the fix is from your end.
    http://pcsupport.about.com/od/findbyerrormessage/a/400error.htm
    http://www.checkupdown.com/status/E400.html
    Thanks, but its not my pc, checked with another pc, and the host checked and sent it to the administration department so I guess they got a 400 error as well.
  24. #13
  25. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    Hmm... a lot of the variables are missing about what your website does, how it works, and why your secure areas are secure, so this may or may not be valid, but...

    Be mindful that if you have "secure" areas that can be accessed by users based on cookie sessions (for instance), that those cookies exist and transfer the same data whether you're using http or https. If a person could observe your cookie while it's over http then hack their own to pretend to be you, to access the secure areas as you, your defenses are vulnerable.

    That said, I'd err on the side of caution and just make your entire site https-based if any part of it needs to be. Or alternatively, limit the secure pages to a subdomain with its own, independent cookie for any session purposes, that won't transmit over the main domain.

    Anyway... just a passing thought I had after reading this thread.

IMN logo majestic logo threadwatch logo seochat tools logo