Using .htaccess to redirect to (or mirror) a folder... am I doing it right?

https://forums.adobe.com/people/Nancy+OShea  wrote Read this Site Point article.  https://www.sitepoint.com/domain-www-or-no-www/ Keep in mind that if you use both www and non-www, you need an SSL certificate for both. I prefer to purchase one SSL certificate and redirect all www traffic to the naked domain.

Having looked this up, my host does offer Let's Encrypt, which is the service you recommended, if I'm not mistaken. In fact, LE is the only free https service they offer aside from self-signed SSL (not recommended, causes browsers to display warnings).

Guess I'll flip that switch on, then. Are you sure it'll make me choose whether or not to use the www?

In my admin panel, I am offered 3 choices for every domain :

1. Leave it alone: Both http://www.domain.com/ and http://domain.com/ will work.
2. Add WWW: Make http://domain.com/ redirect to http://www.domain.com/
3. Remove WWW: Make http://www.domain.com/ redirect to http://domain.com/

I usually leave it at #1, but based on what I'm learning this week, this is exactly what Google tries to discourage. Right?

I could honestly go in either direction on the whole www-or-not thing, even after reading your recommended article (both sides make good points). On one hand, I tend to be of the mindset that whatever the internet is more "used to" will only help SEO, therefore pro-www... but on the other, it would also make sense to have the official canonical address be identical to what I'm advertising... and no one puts the "www" in their advertising anymore, do they?

Chrome has done away with displaying the http/https part altogether, and my gut tells me the other two will follow, suggesting we are headed towards a cleaned-up address bar (as the average person requires fewer hints that what he's looking at is a url). This would favor the anti-www camp, because if you're going to do away with the OTHER part of the url that's never in the advertising, you might as well remove the www too and make it a clean sweep.

It would make sense that we someday reach a point where the only thing we'll see up there is domain.com/whatever... I think I just talked myself to your side of the debate.

Do this:

secure both www. and non www versions of your domain with lets encrypt I'm assuming your are using CPanel ?

Add this to your htaccess (same I already posted above), to ensure NON www requests are redirected to their www. equivalent and NON https requests are forced to https:

RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www\. [NC]

RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]

RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

Add the canonical tag to the pages in question with each URL starting https://www.

You are good to go then, no need to worry about canonical issues, you are 100% safe

When the pages are live, post a link to the site here and I will do a few checks for you,  You can PM me if you prefer.

Energize  wrote Do this: secure both www. and non www versions of your domain with lets encrypt I'm assuming your are using CPanel ?

Not sure if CPanel, but whatever Dreamhost is using.

Before the subject of securing ever came up, since at least 2007, here's what the admin panel has been offering to handle www :

Leave it alone: Both http://www.domain.com/ and http://domain.com/ will work. Add WWW: Make http://domain.com/ redirect to http://www.domain.com/ Remove WWW: Make http://www.domain.com/ redirect to http://domain.com/

What this even does beats me... I'm assuming there's a 'shadow' htaccess file somewhere that this panel has the only write privilege to... and that I can override whatever it is via the site's individual htaccess file... am I close?

As for your solution... this latest bit of code you are proposing is specific to going the "pro-www" route rather than the "no-www" route... correct?

https://forums.adobe.com/people/Under+S.  wrote Chrome has done away with displaying the http/https part altogether

That's not my experience.  See screenshots from the 3 major browsers.

https://forums.adobe.com/people/Nancy+OShea  wrote https://forums.adobe.com/people/Under+S.   wrote Chrome has done away with displaying the http/https part altogether That's not my experience.  See screenshots from the 3 major browsers.

You're right, I just went back to check. What was I looking at earlier, then? Maybe I'm just losing my mind. For some reason, I remembered Chrome having the lock symbol instead of the https, rather than in addition to. My mistake.

Energize seems to believe both www + non-www versions of the url can be secured by Let's Encrypt. So I don't have to choose then? (Other than specifying one of them in "canonical", probably the non-www version)?

https://forums.adobe.com/people/Nancy+OShea  wrote I pay for my certs because I need more than  Let's Encrypt's free certs provide.  If you don't have to pay anything, cost is no concern.  Get as many certs as you need. I think the www vs non-www question is a little like hanging toilet paper.  Do you hang the flap on the inside or the outside?  You decide which works best for you.

On the outside, so it flows freely and isn't picking up whatever germs may be crawling on the wall on top of what's in the air. Anyone who thinks differently should be locked up. How can there even be debate on this question?

Gotcha about the certificates, confusion cleared up. Thanks.

https://forums.adobe.com/people/Nancy+OShea  wrote You're using mod_rewrite to remove pages folder from URL.   Only 1 page contains content.

Using the solution provided by Energise up above, both URLs work. Are you saying they shouldn't be? If both urls work, isn't that duplicating content? (ie, giving the same page 2 slots in Google Results)

There isn't anything directly linking to the ACTUAL location (with the extra folder name) but that doesn't mean Googlebot can't find it. Unless there's a command specifically restricting what Googlebot can index, it will eventually find everything and index it, no?

Google wants you to pick one (usually non-www) and have the .htaccess file redirect all www. traffic to non-www URL. You can also tell Google Console your preferred URL.  This is only necessary if search results point to both.

I've been asking for days how to tell Googlebot (and whoever else slips through) to only index 12 specific urls (the shorter ones). I don't know how to do that. What I've learned to do via this forum is remove /pages from the url (thus creating 2 ways to access the same file), and how to block everything except Googlebot in robots.txt.

If there are several methods to limit the scope of what Googlebot can index to 12 specific urls, I'd favor the one that requires only .htaccess (the fewer the files juggled by a nub like me, the better).