Use 301 or 303 to redirect http to https

garethb picture garethb · Apr 17, 2015 · Viewed 32.2k times · Source

I'm not sure which is the best to use for my site when redirecting from http to https. At the moment I am using IIS rewrite rules to do the redirect. The guides I've read on how to do this use either a 301 or a 303. And after reading up on 301 and 303, I'm still not sure which is best to use.

My understanding is they are pretty much similar in what they do in regards to a redirect between http and https.

Is there any difference and will it affect SEO in any way using one over the other?

From the spec: 301

The 301 (Moved Permanently) status code indicates that the target
resource has been assigned a new permanent URI and any future
references to this resource ought to use one of the enclosed URIs.
Clients with link-editing capabilities ought to automatically re-link references to the effective request URI to one or more of the new
references sent by the server, where possible.

The server SHOULD generate a Location header field in the response containing a preferred URI reference for the new permanent URI. The
user agent MAY use the Location field value for automatic
redirection. The server's response payload usually contains a short
hypertext note with a hyperlink to the new URI(s).

  Note: For historical reasons, a user agent MAY change the request
  method from POST to GET for the subsequent request.  If this
  behavior is undesired, the 307 (Temporary Redirect) status code
  can be used instead.

A 301 response is cacheable by default; i.e., unless otherwise
indicated by the method definition or explicit cache controls

303

The 303 (See Other) status code indicates that the server is
redirecting the user agent to a different resource, as indicated by a URI in the Location header field, which is intended to provide an
indirect response to the original request. A user agent can perform
a retrieval request targeting that URI (a GET or HEAD request if
using HTTP), which might also be redirected, and present the eventual result as an answer to the original request. Note that the new URI
in the Location header field is not considered equivalent to the
effective request URI.

This status code is applicable to any HTTP method. It is primarily used to allow the output of a POST action to redirect the user agent
to a selected resource, since doing so provides the information
corresponding to the POST response in a form that can be separately
identified, bookmarked, and cached, independent of the original
request.

A 303 response to a GET request indicates that the origin server does not have a representation of the target resource that can be
transferred by the server over HTTP. However, the Location field
value refers to a resource that is descriptive of the target
resource, such that making a retrieval request on that other resource might result in a representation that is useful to recipients without implying that it represents the original target resource. Note that
answers to the questions of what can be represented, what
representations are adequate, and what might be a useful description
are outside the scope of HTTP.

Except for responses to a HEAD request, the representation of a 303 response ought to contain a short hypertext note with a hyperlink to
the same URI reference provided in the Location header field.

Answer

user2938881 picture user2938881 · Apr 17, 2015

Google says:

Redirect your users and search engines to the HTTPS page or resource with server-side 301 HTTP redirects.

I recommend following Google's advice rather than trying to implement a 303 strategy.

Source: https://support.google.com/webmasters/answer/6073543?hl=en