HTTP to HTTPS Redirect
Checks whether HTTP URLs redirect to HTTPS
Checks whether HTTP URLs redirect to HTTPS
| Rule ID | security/http-to-https |
| Category | Security |
| Scope | Site-wide |
| Severity | warning |
| Weight | 3/10 |
Solution
Ensure all HTTP URLs redirect to their HTTPS equivalents using permanent (301) redirects. This consolidates link equity and avoids mixed indexing. Configure your server to enforce HTTPS globally and verify that both the homepage and key internal URLs redirect correctly. WARNING: This rule makes external HTTP requests to probe redirect behavior.
Options
This rule supports the following configuration options:
| Option | Type | Default | Description |
|---|---|---|---|
sampleLimit | unknown | undefined | Maximum number of pages to probe for HTTP→HTTPS redirects |
Configuration Example
squirrel.toml
toml[rules."security/http-to-https"]
sampleLimit = undefinedEnable / Disable
Disable this rule
squirrel.toml
toml[rules]
disable = ["security/http-to-https"]Disable all Security rules
squirrel.toml
toml[rules]
disable = ["security/*"]Enable only this rule
squirrel.toml
toml[rules]
enable = ["security/http-to-https"]
disable = ["*"]