How to redirect using PHP (safely)

Redirecting using PHP is an incredibly useful tool, but it can also be dangerous if not implemented correctly.

If you have read our and our guide on , you will know that the header function ( header() ) can be used to easily redirect a user to another page. However, in reality, using this feature is not as simple as it seems. In this guide, we’ll show you how to redirect using PHP without causing big problems in the long run.

The basic method for a PHP redirect

Most guides will tell you that to redirect using PHP you can use the function header() at the top of your pages. To do so, use the function to send a new URL, like so:

header('Location: ' . $newURL);

This header function should be placed before any HTML or text is passed to users’ browsers, so it should be right at the top of the page. That means it must appear before the declaration , before any JavaScript and before any PHP code that produces output. This will send users to the new URL.

While it may seem simple, when it comes to the function header(), the simplicity of the code can lull developers into a false sense of security. So let’s see how you can use this function properly.

Die() and Exit()

First, you must call die() or exit() every time you use a redirect. In short, the problem is that crawlers and bots can ignore headers, and the script keeps running after header() is called, so the page you thought you were redirecting from is fully accessible to them. In other words, if you use a header redirect to protect a particular page, it doesn’t offer you any protection.

That’s why you should stop the script after the redirect, in case the redirect is ignored. The way to do it is to add die() or exit() after your redirect:

header('Location: ' . $newURL); die();

Relative and absolute URLs

Now, let’s talk about relative and absolute URLs in redirects. The header() function allows you to use both, but you have to be very careful when using relative redirects. This is because some website builders classify and rename PHP pages, which means that if you’re working on your PHP through a website builder, you may end up making all your redirects fail.

Unfortunately, at this time there is no real way to avoid this problem, short of having a careful overview of where your redirects are pointing.

Status codes

The third problem with redirecting using standard PHP is that PHP’s “location” operator still returns the . You shouldn’t allow it to do that, because many web browsers implement this code in a way that is totally at odds with the way it’s supposed to work: they essentially use the GET command instead of performing a “real” redirect.

Therefore, the best practice when creating PHP redirects is to specify the code to return. Unfortunately, the correct code to use is a point of contention. HTTP 301 indicates a permanent redirect, which can cause problems restoring your original page. And many browsers understand HTTP 303 as “other”, which can cause problems when search engines index your page.

In practice, and until this situation is resolved, we recommend that you use HTTP 303.
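
The three precautions above (stop the script, use an absolute URL, set the status code explicitly) combined into one helper, as an added example that is not from the original article. SITE_ORIGIN, build_redirect_url(), redirect_and_exit() and the 'user_id' session key are hypothetical names, and the `never` return type needs PHP 8.1 or later. The example goes slightly beyond the text by accepting only site-relative paths, so the absolute URL always stays on the configured origin.

```php
<?php
declare(strict_types=1);

// Assumed site origin (placeholder); set it in configuration rather than
// deriving it from the Host request header.
const SITE_ORIGIN = 'https://www.example.com';

/**
 * Hypothetical helper: turn a site-relative path into an absolute URL.
 * Throws if the value is not a plain local path.
 */
function build_redirect_url(string $path): string
{
    // Require "/something": reject "//host", backslashes, spaces and control
    // characters, so the target always stays on SITE_ORIGIN.
    if (!preg_match('#^/(?![/\\\\])[^\x00-\x20\\\\]*\z#', $path)) {
        throw new InvalidArgumentException('Redirect target must be a local path');
    }
    return SITE_ORIGIN . $path;
}

/**
 * Hypothetical helper: send the redirect with an explicit status and stop.
 */
function redirect_and_exit(string $path, int $status = 303): never
{
    $url = build_redirect_url($path);

    // header() only works before any output has been sent.
    if (headers_sent($file, $line)) {
        throw new RuntimeException("Output already started at $file:$line");
    }

    // The third argument sets the status code explicitly instead of
    // leaving the choice to PHP.
    header('Location: ' . $url, true, $status);

    // Stop here so nothing below reaches clients that ignore Location.
    exit;
}

// Usage: guard a members-only page (session key 'user_id' is an assumption).
session_start();
if (empty($_SESSION['user_id'])) {
    redirect_and_exit('/login.php');
}
echo 'Members-only content';
```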

Check the documentation

In addition to taking the basic precautions above, you should take some time to read the documentation on using PHP redirects before posting them. You should refer to the to make sure you understand what you’re doing, as well as to make sure you’re following best practices.

And while you’re catching up on this reading, make sure you’re also protecting your website from : If you’re already in the position of having to use PHP redirects, your site’s security probably needs an audit.

Other methods

Given all these issues, you’re probably wondering why you should redirect using PHP. That is a good question. Although PHP redirects generally execute faster than other types of redirects and therefore can be an important tool for improving website speed, there are other options available.

There are two main approaches to doing this. You can use the HTML element to redirect from the HTML part of your page, or use JavaScript. The first approach (use ) would look like this:

The second approach (using JavaScript) is a bit more elegant and certainly looks more professional:

window.location.replace("http://newpage.php/");

Both approaches will run slightly slower than an immediate header() redirect, but are possibly more flexible.

Conclusion

While you should be able to safely redirect using PHP by following the steps above, if you’re in a position to use multiple PHP redirects, it’s probably time to rethink your site structure.

There are a couple of good reasons to do so. The first is that not all web servers are created equal, and if you send all your visitors on a winding path around your site, it will affect its performance. This can be improved to some extent by using a provider, but only to a certain extent.

The second reason is that the page you are redirecting from could be collecting data about your visitors without your knowledge, particularly if you are using web analytics software to track your site’s performance. In our post-GDPR world, that could have significant consequences.

In short, be careful with PHP redirects, use them correctly, and use them where and when absolutely necessary.

Deyi is a digital marketing enthusiast, with a background in web design, content creation, copywriting, and SEO. She is part of ‘s SEO & Localization team. In her free time, she likes to develop projects, read a book or watch a good movie.
