homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Marketing and Biz Dev / General Search Engine Marketing Issues
Forum Library, Charter, Moderators: mademetop

General Search Engine Marketing Issues Forum

Redirecting to login page

 9:44 am on May 24, 2011 (gmt 0)

What is the correct way to redirect users to a login page?

For example, user wants to access page:


file messages.php contains something like this:

if ($logged_in != '1') {
Header("Location: /login.php");

So, if a searh engine access this page (and many other pages), there is only redirection without any comments. Is it OK so many redirections without explanations?

Maybe I need to add 401 or another header?

if ($logged_in != '1') {
Header('HTTP/1.0 401 Unauthorized');
Header("Location: /login.php");




 8:11 am on May 26, 2011 (gmt 0)



 8:05 am on May 27, 2011 (gmt 0)

providing a Location: header in PHP without specifying a status code defaults to a 302.
this is equivalent to:
header('HTTP/1.1 302 Found');
header("Location: http://www.example.com/login.php");

note that the Location: header should contain an absolute url.

the search engine isn't going to see any content that is behind a login, so it probably makes sense to noindex the login.php url or at least exclude the bot from crawling that path with a robots.txt entry.

the 401 status code specifies that HTTP authentication is required and the only response header appropriate for that status code is WWW-Authenticate.
when challenged to authenticate with a 401, the browser handles the authentication and this is different from the html login form which would be served by the /login.php url.


 9:36 am on May 27, 2011 (gmt 0)

phranque, thank you for your answer.

note that the Location: header should contain an absolute url.

What happends if header doesn't contain an absolute url?

Header("Location: /login.php");


 1:56 am on May 28, 2011 (gmt 0)

that is user-agent-dependent behavior.
a modern browser will likely make the proper best guess if you fail to provide an absolute url.
however do you want to risk an unintended redirect by a search engine crawler when you provide an ambiguous response?
conformance to protocol is a better solution.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30 [w3.org]:
The (Location response-header) field value consists of a single absolute URI.


 8:00 am on May 28, 2011 (gmt 0)

Thank you.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Marketing and Biz Dev / General Search Engine Marketing Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved