HSTS error for current tutorial of redirecting example.com to www.example.com

Hi @domjh first thank you so much for the tutorial Redirect example.com to www.example.com, it is very helpful!

Since I cannot comment on this tutorial, I posted here.

To help more people in future, for HSTS, the current tutorial will give the error

Error: HTTP redirects to www firsthttp://hongbomiao.com (HTTP) should immediately redirect to https://hongbomiao.com (HTTPS) before adding the www subdomain. Right now, the first redirect is to https://www.hongbomiao.com/. The extra redirect is required to ensure that any browser which supports HSTS will record the HSTS entry for the top level domain, not just the subdomain.

at hstspreload.org

Based on the feedback in the error message, once changing URL matches from





will help solve the issue.

Pros and cons:

The original tutorial will redirect from
http://example.com -> https://www.example.com

The method posted here will have one more jump, but solves HSTS error
http://example.com -> https://example.com -> https://www.example.com


Hi @Hongbo-Miao,

Thank you for your feedback! I wrote the tutorial with the intention that it would be the same process and rule regardless of whether a site uses HTTPS or still just HTTP. This currently works because you don’t specify a protocol in the match URL.

I had not really considered this, given that the majority of people using the #Tutorials will not have HSTS.

I also expected the Always Use HTTPS setting to do the HTTPS redirect before the one to www but it doesn’t. I will update the tutorial to add a section about HSTS and this issue.

Thanks again for letting me know :slight_smile:


Wow @domjh very quick response!
Totally understand, it is choosing between pros and cons.
Adding a section would be enough to help people who met the same HSTS error : )


Thanks, no problem! Absolutely, yes, I’ll add a section there, later today or tomorrow, explaining the issue and what people can do about it if they have HSTS enabled.

Thanks again for letting me know and for the detailed explanation! :slight_smile:


Hi again @Hongbo-Miao,

It took me slightly longer than I expected to get round to this, sorry!

I have now added this to the tutorial:

Hopefully this explains it OK and will help future users of the tutorial. Thanks again for the feedback!


2 posts were split to a new topic: HSTS and SSL Mode