The official website of the White House, http://www.whitehouse.gov/, has a temporary redirect (a 302 redirect) set up from the HTTP version of their website to the HTTPs version of their website. You may already know that I’m a big fan of moving your website to a secure version (HTTPs), as I moved this website to HTTPs days after it was announced that HTTPs is a Google search engine ranking factor. But, the White House website is doing it wrong.
The proper way to redirect from HTTP to HTTPs is using a 301 Permanent Redirect, and NOT a 302 Temporary Redirect. In fact, a 302 redirect implies that the move is temporary–that it will eventually be moved back to the HTTP version. That is probably not going to happen.
There are actually other reasons for permanently redirecting to HTTPs, but one reason is that Facebook is giving an error and flagging it as spam. Whenever you link to http://www.whitehouse.gov, Facebook give you this:
Then they tell you that it’s a bad website, and you may be linking to something they’re wary of:
Looking at the server headers, it truly is a 302 redirect from http://www.whitehouse.gov to https://www.whitehouse.gov/
Sending request:
GET / HTTP/1.1
Host: www.whitehouse.gov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:43.0) Gecko/20100101 Firefox/43.0
Referer: http://www.rexswain.com/httpview.html
Connection: close• Finding host IP address…
• Host IP address = 23.6.188.63
• Finding TCP protocol…
• Binding to local socket…
• Connecting to host…
• Sending request…
• Waiting for response…
Receiving Header:
HTTP/1.1·302·Moved·Temporarily(CR)(LF)
Content-Length:·0(CR)(LF)
Location:·https://www.whitehouse.gov/(CR)(LF)
Date:·Tue,·05·Jan·2016·21:38:36·GMT(CR)(LF)
Connection:·close(CR)(LF)
Server:·White·House(CR)(LF)
P3P:·CP=”NON·DSP·COR·ADM·DEV·IVA·OTPi·OUR·LEG”(CR)(LF)
(CR)(LF)
The Facebook error could be the fact that Facebook’s bots are trying to hit the site and the White House’s site is responding with a 404 error. But, nonetheless, there is an error and it looks like Facebook doesn’t trust the site.
H/T to @schachin for pointing this out to me. 😉