Best Practices for Setting Up a Web Domain: example.com with HTTPS and Redirects

Setting up a web domain like example.com requires careful configuration to ensure security, performance, and user accessibility. Below are the best practices for configuring a domain to support HTTPS, enforce redirections, and manage non-www to www (or vice versa) traffic redirection.

Obtain and Install SSL Certificates for HTTPS

Securing your domain with HTTPS is essential to protect data transmission between your server and users. To do this, you need to obtain and install an SSL/TLS certificate.

Steps:

  • Obtain an SSL Certificate: You can obtain a certificate from trusted Certificate Authorities (CAs) like Let’s Encrypt (free), DigiCert, or Comodo.
  • Install the SSL Certificate: Once obtained, install it on your web server. Configuration varies based on your server software (Nginx, Apache, etc.).

For Nginx:

server {
    listen 443 ssl;
    server_name example.com www.example.com;

    ssl_certificate /etc/nginx/ssl/example.com.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    # Other SSL settings
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
}

For Apache:

<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/example.com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/example.com.key

    # Other settings
</VirtualHost>

Force HTTP to HTTPS Redirection

After enabling HTTPS, ensure that any HTTP traffic is automatically redirected to the secure HTTPS version. This not only improves security but also helps your SEO, as search engines prioritize HTTPS.

For Nginx:

server {
    listen 80;
    server_name example.com www.example.com;

    return 301 https://$host$request_uri;
}

For Apache:

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    Redirect permanent / https://example.com/
</VirtualHost>

The 301 status code ensures a permanent redirect, informing search engines that the HTTP URL has been moved permanently to HTTPS.

Choose Between www or non-www and Redirect Accordingly

It’s important to decide whether you want your domain to appear with or without www. This is primarily a matter of preference, but consistency helps with SEO and branding.

Redirect non-www to www:

  • Redirect example.com to www.example.com for uniformity and better caching (some CDNs prefer www domains).

For Nginx:

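server {
    listen 443 ssl;
    server_name example.com;

    # The redirecting block terminates TLS too, so it needs a certificate valid for example.com
    ssl_certificate /etc/nginx/ssl/example.com.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    return 301 https://www.example.com$request_uri;
}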

server {
    listen 443 ssl;
    server_name www.example.com;

    # SSL configuration and site settings here
}

For Apache:

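<VirtualHost *:443>
    ServerName example.com
    # TLS must be enabled here too, with a certificate valid for example.com
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/example.com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
    Redirect permanent / https://www.example.com/
</VirtualHost>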

<VirtualHost *:443>
    ServerName www.example.com
    # SSL configuration and site settings here
</VirtualHost>

Redirect www to non-www:

  • If you prefer example.com over www.example.com, you can reverse the redirect.

For Nginx:

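server {
    listen 443 ssl;
    server_name www.example.com;

    # The redirecting block terminates TLS too, so it needs a certificate valid for www.example.com
    ssl_certificate /etc/nginx/ssl/example.com.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    return 301 https://example.com$request_uri;
}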

server {
    listen 443 ssl;
    server_name example.com;

    # SSL configuration and site settings here
}

For Apache:

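<VirtualHost *:443>
    ServerName www.example.com
    # TLS must be enabled here too, with a certificate valid for www.example.com
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/example.com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
    Redirect permanent / https://example.com/
</VirtualHost>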

<VirtualHost *:443>
    ServerName example.com
    # SSL configuration and site settings here
</VirtualHost>

HTTP Strict Transport Security (HSTS)

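Enforcing HTTPS through HSTS tells browsers that have received the policy to load your website only over HTTPS and to refuse plain-HTTP requests to it. This is important for protecting against downgrade attacks and cookie hijacking. The header only takes effect when it is delivered over HTTPS, so set it in the HTTPS server block or virtual host.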

For Nginx:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

For Apache:

Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

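This setting ensures that once a browser has visited your site over HTTPS, it will remember to always use HTTPS for future requests until max-age (31536000 seconds, one year) expires. Because includeSubDomains applies the policy to every subdomain, each subdomain must be reachable over HTTPS before you enable it.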

Optimize for Performance and SEO

  • Enable HTTP/2 or HTTP/3: HTTP/2 improves performance by allowing multiple requests over a single connection, reducing latency.
  • Redirect Chains: Avoid multiple redirects (e.g., from http://example.com to https://example.com, then to https://www.example.com). Always aim for a single redirect to reduce delay.
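
The redirect-chain advice and the HSTS header can be checked together. The script below is an added example, not part of the original article: it follows a redirect chain and parses the HSTS header on the final response. The names `SAMPLE`, `parse_hsts` and `audit` are hypothetical, and the responses are constructed to model this page's port-80 redirect chained with the non-www to www redirect.

```python
from urllib.parse import urljoin, urlsplit

# Constructed responses (not captured from a real server): URL -> (status, headers).
# They model the page's configs chained together: port 80 -> https://$host,
# then non-www -> www, with HSTS on the final HTTPS response.
SAMPLE = {
    "http://example.com/a": (301, {"Location": "https://example.com/a"}),
    "https://example.com/a": (301, {"Location": "https://www.example.com/a"}),
    "http://www.example.com/a": (301, {"Location": "https://www.example.com/a"}),
    "https://www.example.com/a": (200, {
        "Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
}

def parse_hsts(value):
    """Return (max_age or None, include_subdomains) from an HSTS header value."""
    max_age, include_sub = None, False
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        if name.strip().lower() == "max-age":
            arg = arg.strip().strip('"')
            max_age = int(arg) if arg.isdigit() else None
        elif name.strip().lower() == "includesubdomains":
            include_sub = True
    return max_age, include_sub

def audit(start_url, canonical_host, responses, min_age=31536000, max_hops=5):
    """Follow redirects through `responses`; return (chain, findings)."""
    chain, url, findings = [start_url], start_url, []
    for _ in range(max_hops):
        status, headers = responses[url]
        if status not in (301, 302, 303, 307, 308):
            break
        if status not in (301, 308):
            findings.append(f"temporary redirect ({status}) at {url}")
        url = urljoin(url, headers["Location"])
        chain.append(url)
    else:
        findings.append("redirect loop or chain longer than max_hops")
    end = urlsplit(url)
    if (end.scheme, end.hostname) != ("https", canonical_host):
        findings.append(f"chain ends at {url}, not https://{canonical_host}")
    if len(chain) - 1 > 1:
        findings.append(f"{len(chain) - 1} redirects; aim for one")
    hsts = headers.get("Strict-Transport-Security")
    max_age, _ = parse_hsts(hsts) if hsts else (None, False)
    if end.scheme == "https" and (max_age is None or max_age < min_age):
        findings.append("HSTS missing or max-age below min_age on final response")
    return chain, findings
```

With the sample data, a request for http://example.com/a takes two hops before reaching the www host, which is the chain the bullet above warns about. To audit a live site, build the `responses` map from real requests with redirect following disabled.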

Finally

Setting up a domain like example.com for production requires a well-configured server that supports HTTPS, redirects HTTP traffic to HTTPS, and enforces consistent domain redirection (either from www to non-www or vice versa). Implementing these best practices ensures a secure, user-friendly, and SEO-optimized domain configuration.
