Have you ever tried to go to a specific subdomain of a domain (e.g., example.com/subdomain) and had the site redirect to another domain (e.g., example.com)?
If so, you might be experiencing a situation where your web server is configured to do this and it’s causing some confusion for your users (and perhaps some frustration).
The problem is that there’s no straightforward way to fix this redirection issue without negatively affecting other parts of your site. Meaning, you either have to go with the status quo (which isn’t good) or reconfigure your web server to serve content from the subdomain (which, again, isn’t ideal).
Luckily, there’s a better way and it involves the use of 301 redirects. A 301 redirect is an HTTP response code that indicates that the URL (Uniform Resource Locator) referred to by the request is actually fine and the client should be redirected to another URL.
So, instead of example.com/subdomain redirecting to example.com, a 301 redirect creates a soft redirect from example.com/subdomain to example.com/health/weight-loss/.
This way, when someone visits example.com/subdomain, their web browser will still go to the URL they’re looking for (e.g., http://example.com/subdomain), but the request will also be delivered to the web server at (or close to) http://example.com/health/weight-loss/ (assuming that’s where your content is located).
The benefit of this is simple: It handles redirection seamlessly for your users (no unexpected behavior) and it doesn’t disrupt the flow of the page (the URL remains the same).
In this article, you’ll learn about some of the issues surrounding subdomains and how to properly configure your web server so that any requests made to a subdomain will always be served from the correct domain.
Subdomains And HTTP Redirects
As you may have guessed, a subdomain is simply a part of a domain that consists of one or more websites or webpages (think of a subfolder in your domain’s root folder — it can be a website or a simple web-based application).
When a user visits a subdomain (e.g., example.com/subdomain), their web browser will make a separate request to the web server at that domain to view the corresponding website or page. Think of it as if the subdomain is its own “domain.”
That means that, aside from the usual rules associated with HTTP requests (e.g., addressing, caching, and accessing content via HTTP), you need to implement special rules in order to properly configure your web server to serve content from subdomains.
Special Case For https
Requests made to a secure HTTPS (Hypertext Transfer Protocol Secure) subdomain (e.g., example.com/subdomain) must be redirected to the proper location, too (i.e., https://example.com/health/weight-loss/).
However, if you have a non-secure (HTTP) subdomain (e.g., example.com/subdomain), then you should not interfere with redirection for that subdomain.
Why? Well, anything associated with a secure connection (e.g., HTTPS) is considered “protected,” which means that it’s more difficult to intercept and modify the content without the knowledge of the original sender. Think of it as a secret message that can only be read by the intended recipient.
Now, as for why this is considered “special” in the first place, when a user visits an https subdomain, their web browser will automatically make a secure connection to the web server (if one isn’t already established).
This, in turn, means that the content and any information associated with the request (e.g., the user’s web browser and IP address) are protected and cannot be accessed by any third parties (including internet service providers and government agencies).
Subdomains are usually included in the domain name itself, so if you have a domain called example.com, then you have access to any subpages (e.g., example.com/subdomain, example.com/subdomain2, and so on).
If you’d like, you can take this a step further and include the entire domain (e.g., example.com) in your web server’s search index. This way, whenever a user types in the domain’s name in the address bar, your site will pop up (this is known as inclusion).
The advantage of this is that it allows users to find what they’re looking for quickly without having to browse through a page of results (which is often the case when sites implement search engines).
Keep in mind: Including the entire domain is considered “mega-search,” which means that it’s a broad search (applying to many domains). So, if you have a lot of content on your main site, then it may be best to avoid this feature so that your site does not get overwhelmed by traffic.
Subdomains And Caching
A subdomain’s content must be cached by the server so that it can be quickly accessed by users (and so that it doesn’t have to be reloaded from the server each time a request is made).
However, not all cached content needs to be saved for future users. You may want to keep certain information (such as searchable data) for yourself (or your applications) so that you don’t have to keep searching for it when you need it. In this case, it’s beneficial to prevent caching for the subpages (e.g., example.com/subdomain, example.com/subdomain2, and so on) since you don’t need to keep the content for that specific domain in mind when performing searches or accessing content.
Although the previous rules mainly apply to your server, it’s still important to be aware of the security measures that apply when connecting to a secure HTTPS (Hypertext Transfer Protocol Secure) subdomain (e.g., example.com/subdomain).
HTTPS is considered “secure” because it contains an encryption layer (known as TLS or Transport Layer Security) for data transport (i.e., when information is being sent from one computer to another).
This encryption layer prevents eavesdropping, prevents tampering, and (in theory) makes it impossible for someone to intercept and read the requested content.
Additionally, when accessing content via HTTPS, you have the option of preventing caching by setting the HTTP response header to no-cache. However, this should be avoided since caching makes for faster and more efficient content delivery (less load on the web server and faster page loads for your users).
If you have a login page (or form) for users to enter their details, then you should take the time to ensure that it’s as secure as possible by ensuring that it’s not cached (nor cached for too long) and attempting to prevent potential security breach attempts via brute-force attacks (in which a malicious user attempts to guess a user’s login details via repeated login attempts).
301 Redirect For Subdomains
To recap, when users visit a subdomain (e.g., example.com/subdomain) and make a request to a web server at that domain, their web browser will automatically make a separate request to the server to load content.
If you’d like, you can use a 301 (Moved Permanently) redirect to direct users to the proper location (e.g., https://example.com/health/weight-loss/) with the following HTTP response code: