I wanted to write a short post about the story behind this extension.
Usually I would always recommend the most official way to achieve something. In the case of canonical urls, this means using redirect rules in the server configuration. So at first I didn't think an extension like this one makes sense.
However I've been surprised by the number of people not knowing how to do it. A lot of them actually realized their forum weren't redirected to the the canonical url after a scan on the Lab. I've seen a lot of these reports.
Then these people ask for help, "how do I fix it", but the answer is often it depends. It depends on the web server, available modules (on shared hosting), whether you need a solution for one redirect, redirect from multiple names, and sometimes other things. It's not easy to give one easy solution for those who don't really know it works.
So I've been thinking about the extension option. If the user use Flarum, then they should be comfortable installing an extension to solve this issue. I listed the drawbacks of using an extension:
- One more extension, one more middleware, one more setting even when you are already on the right url: this will slightly decrease performance and load time
- The redirects will not work if Flarum encounters a 500 error while booting
- The redirects might not work on some unauthorized or not found pages
But all of these drawbacks are not that bad:
- Forum administrators who will notice the performance difference will likely know how to configure redirects another way
- 500 errors don't usually happen often. Also they could happen as well on a setup using rewrites, just less frequently
- Because the middleware does the check before passing it down the pipe, it runs before most Flarum logic and reduce the risk of an error blocking the redirect. Only other extensions might interfere
Also, an error in Flarum means the redirect won't work, but also that Flarum won't load, so at next try everything will work fine. There's no way to you can access the forum on the wrong url.
The only security downside compared to rewrites is that if the user visits the website for the first time while it's in an error state, they won't be redirected to HTTPS and won't get the HSTS header (if the website has one), so we might miss an opportunity to set the HSTS flag early. Again, this is likely a rare event if it ever happens. HSTS preloading also solves this.
Because of all of this I concluded that the extension is the easiest solution for anybody who doesn't know or can't configure rewrites on their servers. And because it's not a very complex extension, I wrote it for you.
I published it as a "MigrateToFlarum" extension because it fits with the lineup of extension that simplify migration or configuration of forums.
I plan to recommend the use of this extension as an easy solution to the "multiple url" issue in the error message on the Lab.
I count on other people to report any issue they might find with the extension because I won't be personally using it. All my servers are managed through Laravel Forge and both domain and HTTPS redirects are already covered out of the box. Meaning I can't even try the extension on my servers if I wanted to (I did test it locally though, don't worry 😛)
Happy to hear other thoughts on the subject!