Forced redirection redirects HTTP requests from clients to CDN points of presence (POPs) to HTTPS to improve security. This topic describes how to configure this feature.
Scenarios
You can configure forced redirection for an accelerated domain name that has an HTTPS certificate. By default, HTTP requests from clients to CDN POPs are redirected to HTTPS requests using an HTTP 301 status code. HTTPS requests are more secure.
Forced redirection uses the HTTP 301 status code by default. The HTTP 308 status code is also supported. To change the redirect type, you must submit a ticket. For more information about how to submit a ticket, see Contact us.
HTTP status code | Message | Description | Scenario |
301 | Moved Permanently | GET requests remain unchanged. Requests that use other methods may be changed to GET requests. | Website refactoring. |
308 | Permanent Redirect | The request method and message body remain unchanged. | Website refactoring. This HTTP status code is suitable for requests that use request methods other than GET (with non-GET links/operations). (with non-GET links/operations) |
Prerequisites
Before you configure forced redirection, make sure that an HTTPS certificate is configured. For more information, see HTTPS secure acceleration.
Procedure
Log on to the ApsaraVideo VOD console.
In the left-side navigation pane, choose Configuration Management > CDN Configuration > Domain Names.
Find the domain name that you want to manage and click Configure.
Click HTTPS, select Forced Redirection, and click Modify.
Select a Redirection. The following table describes the redirect types.
Redirect type
Description
Default
Supports both HTTP and HTTPS requests.
HTTPS -> HTTP
Forcibly redirects requests from clients to CDN POPs to HTTP.
HTTP -> HTTPS
Forcibly redirects requests from clients to CDN POPs to HTTPS to ensure access security.
Click OK.