301 error and 200?

I did a couple crawls on my website and it was fine last week but not im getting a 301. Its showing that its coming from an http instead of https.

That’s for HTTPS - 301 isn’t an error, it’s an redirect. This makes it so anyone visiting your website on http (the default) instead goes to the secure HTTPS version. This adds only 1-10 milliseconds of page load time so you shouldn’t worry about this.


If you add HSTS, your visitors’ browser will redirect them to https automatically even if they typed ‘http’, saving the first request. This will only happen after they visit the https version for the first time.

If you also enable HSTS preloading (both adding the header with include-subdomains, preload and maximum TTL in CF SSL/TLS settings, and then registering your site at hstspreload.org), then, once your preload record gets to all browsers, even first time visit to your site will go directly to https. This has both the advantage of performance and the lack of ability to MITM attack you with techniques like sslstrip.

The disadvantage of HSTS is of course that if you decide to stop using HTTPS, it could take time until you get all users to forget it, and until they do, you can’t stop using https or you’ll be attacking yourself with a denial of service. HSTS preloading is “worse” - you’ll have to wait until all browsers remove your HSTS preloading record at your request, and then all people upgrading to a new browser version that does not include your site on their list. This could take between months to years. This applies domain wide (all current and future sub-domains), so consider carefully before enabling this feature.


What I dont get is how did http come up this week and not last week when I ran the check?

Are you sure last time you also explicitly typed http:// in the beginning of the URL? Perhaps previously your browser automatically completed the https:// URL from history?

1 Like

So because I typed http it created that redirect itself?

There is a redirect from http to https. That redirect (“Location:” header in HTTP response) may origin in Cloudflare configuration or from your server if accessed over HTTP.

If there’s a redirect, and you’re typing http:// - it does what’s expected from it…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.