Safe Redirect Manager Plugin

Easily and safely manage your site’s redirects the WordPress way. There are many redirect plugins available. Most of them store redirects in the options table or in custom tables. Most of them provide tons of unnecessary options. Some of them have serious performance implications (404 error logging). Safe Redirect Manager stores redirects as Custom Post Types. This makes your data portable and your website scalable. Safe Redirect Manager is built to handle enterprise level traffic and is used on major publishing websites. The plugin comes with only what you need following the WordPress mantra, decisions not options. Actions and filters make the plugin very extensible.

Fork the plugin on GitHub.

Configuration

There are no overarching settings for this plugin. To manage redirects, navigate to the administration panel (“Tools” > “Safe Redirect Manager”).

Each redirect contains a few fields that you can utilize:

“Redirect From”

This should be a path relative to the root of your WordPress installation. When someone visits your site with a path that matches this one, a redirect will occur. If your site is located at http://example.com/wp/ and you wanted to redirect http://example.com/wp/about to http://example.com, your “Redirect From” would be /about.

Clicking the “Enable Regex” checkbox allows you to use regular expressions in your path. There are many great tutorials on regular expressions.

You can also use wildcards in your “Redirect From” paths. By adding an * at the end of a URL, your redirect will match any request that starts with your “Redirect From”. Wildcards support replacements. This means if you have a wildcard in your from path that matches a string, you can have that string replace a wildcard character in your “Redirect To” path. For example, if your “Redirect From” is /test/*, your “Redirect To” is http://google.com/*, and the requested path is /test/string, the user would be redirect to http://google.com/string.

“Redirect To”

This should be a path (i.e. /test) or a URL (i.e. http://example.com/wp/test). If a requested path matches “Redirect From”, they will be redirected here. “Redirect To” supports wildcard and regular expression replacements.

“HTTP Status Code”

HTTP status codes are numbers that contain information about a request (i.e. whether it was successful, unauthorized, not found, etc). You should almost always use either 302 (temporarily moved) or 301 (permanently moved).

Note:

• Redirects are cached using the Transients API. Cache busts occur when redirects are added, updated, and deleted so you shouldn’t be serving stale redirects.
• By default the plugin only allows at most 1000 redirects to prevent performance issues. There is a filter srm_max_redirects that you can utilize to up this number.
• “Redirect From” and requested paths are case insensitive by default.
• Developers can use srm_additional_status_codes filter to add status codes if needed.
• Rules set with 403 and 410 status codes are handled by applying the HTTP status code and render the default WordPress wp_die screen with an optional message.
• Rules set with a 404 status code will apply the status code and render the 404 template.
• Browsers heavily cache 301 (permanently moved) redirects. It’s recommended to test your permanent redirects using the 302 (temporarily moved) status code before changing them to 301 permanently moved.

Developer Documentation

Safe Redirect Manager includes a number of actions and filters developers can make use of. These are documented on the Safe Redirect Manager developer documentation micro-site.

Install the plugin in WordPress. You can download a zip via GitHub and upload it using the WordPress plugin uploader (“Plugins” > “Add New” > “Upload Plugin”).

2.1.2 – 2024-06-19

• Added: Provide example for modifying the default redirect status code (props @peterwilsoncc, @jeffpaul, @JosVelasco, @dkotter via #365).
• Added: “Testing” section in the “CONTRIBUTING.md” file (props @kmgalanakis, @jeffpaul via #379).
• Changed: Improved reference to the postmeta table for better WordPress compatibility (props @ogorzalka, @Sidsector9 via #361).
• Changed: Clean up NPM dependencies and update node to v20 (props @Sidsector9, @dkotter via #363).
• Changed: Warning message to error message after loops are detected (props @aaemnnosttv, @Sidsector9, @BhargavBhandari90 via #368).
• Changed: Disabled auto sync pull requests with target branch (props @iamdharmesh, @jeffpaul via #371).
• Changed: Replaced lee-dohm/no-response with actions/stale to help with closing no-response/stale issues (props @jeffpaul, @dkotter via #373).
• Changed: Upgrade the download-artifact from v3 to v4 (props @iamdharmesh, @jeffpaul via #372).
• Changed: Bump WordPress “tested up to” version 6.5 (props @sudip-md, @jeffpaul, @dkotter via #376).
• Changed: Bump WordPress minimum from 5.7 to 6.3 (props @sudip-md, @jeffpaul, @dkotter via #376).
• Changed: URL validation check on “input” event for “Redirect From” field (props @peterwilsoncc, @BhargavBhandari90, @Sidsector9 via #369).
• Fixed: PHP warning when running the “wp safe-redirect-manager list” CLI command (props @planetahuevo, @kmgalanakis, @dkotter via #378).

2.1.1 – 2024-01-08

• Added: Support for the WordPress.org plugin preview (props @dkotter, @jeffpaul via #357).
• Added:phpcs:ignore on the now safe ini_set() (props @philipjohn, @ravinderk via #355).
• Changed: Bump Cypress from 13.0.0 to 13.1.0, @10up/cypress-wp-utils from 0.1.0 to 0.2.0, @wordpress/env from 5.3.0 to 8.7.0, cypress-mochawesome-reporter from 3.4.0 to 3.5.1 and node-wp-i18n from 1.2.5 to 1.2.7 (props @iamdharmesh, @ravinderk via #349).
• Changed: Bump WordPress “tested up to” version 6.4 (props @qasumitbagthariya, @jeffpaul via #353, #354).
• Changed: Validate and sanitize a superglobal before using it (props @jspellman814, @ravinderk via #356).
• Fixed: Ensure text can be translated (props @alexclassroom, @iamdharmesh via #351).

2.1.0 – 2023-09-07

• Added: WP-CLI command export to export redirects into a CSV file. (props @zamanq, @jeffpaul, @Sidsector9 via #299).
• Added: Admin settings to set custom redirect protocol per route (props @tlovett1, @danielbachhuber, @benoitchantre, @jayedul, @Sidsector9 via #301).
• Added: Autocomplete to the “Redirect To” field (props @tlovett1, @bmarshall511, @ravinderk via #325).
• Added: Allow existing import records to be updated instead of skipped (props @retlehs, @bmarshall511, @dkotter via #329).
• Added: Check for minimum required PHP version before loading the plugin (props @kmgalanakis, @iamdharmesh, @Sidsector9, @vikrampm1, @dkotter via #340).
• Added: Repo Automator GitHub Action (props @iamdharmesh, @jeffpaul via #348).
• Changed: Bump Support Level from Active to Stable (props @jeffpaul, @Sidsector9, @peterwilsoncc via #303).
• Changed: Bump WordPress “tested up to” version 6.3 (props @github-actions, @kmgalanakis, @iamdharmesh via #339).
• Changed: Reduced the number of queries in half by removing post_status property from redirects data (props @tlovett1, @pdclark, @mehul0810, @Sidsector9, @dkotter, @nateconley, @sksaju, @ravinderk via #326).
• Changed: Rule editor always shows raw redirect target (props @tbenyon, @jeffpaul, @trainoasis, @jayedul, @dkotter via #330, #333).
• Changed: Include links to redirects that cause redirect loops/chains in the warning (props @joshbetz, @tlovett1, @Sidsector9, @ravinderk via #341).
• Changed: Set the default value for the srm_check_for_possible_redirect_loops filter to true (props @joshbetz, @tlovett1, @Sidsector9, @ravinderk via #341).
• Changed: Added a back link to the admin notices when a post is saved or updated (props @szepeviktor, @tlovett1, @bmarshall511, @iamdharmesh via #328).
• Changed: Missing Docblocks for filter hooks (props @peterwilsoncc, @jayedul, @dkotter, @faisal-alvi, @iamdharmesh via #313).
• Fixed:auto_detect_line_endings deprecation warning in PHP 8.1 and above (props @dhewer, @jayedul, @Sidsector9, @ravinderk via #327).
• Fixed: Only show public post types in the autocomplete “Redirect To” field (props @ravinderk, @bmarshall511, @dkotter via #332).
• Fixed: Slow performance during redirect chain/loop detection (props @tlovett1, @danielbachhuber, @Sidsector9, @ravinderk, @iamdharmesh via #336).
• Security: Bump semver from 7.3.8 to 7.5.4 (props @dependabot, @dkotter, @Sidsector9 via #334, #342).
• Security: Bump tough-cookie from 2.5.0 to 4.1.3 (props @dependabot, @faisal-alvi via #337).
• Security: Bump @cypress/request from 2.88.10 to 3.0.0 (props @dependabot, @faisal-alvi, @ravinderk via #337, #343).
• Security: Bump cypress from 11.2.0 to 13.0.0 (props @dependabot, @ravinderk via #343).

2.0.1 – 2023-06-01

• Fixed: Ensure our E2E tests run (props @Sidsector9, @iamdharmesh via #318).
• Fixed: Ensure the message array key exists before we use it (props @dkotter, @ocean90, @peterwilsoncc via #319).
• Fixed: Resolve deprecation notices in PHP 8.1 and later (props @peterwilsoncc, @dkotter via #322).

2.0.0 – 2023-05-31

Note that this version bumps the PHP minimum from 5.6 to 7.4 and the WordPress minimum from 4.6 to 5.7.

• Added: Handling of 403, 404, and 410 status codes (props @nateconley, @cadic, @dkotter, @Sidsector9, @helen, @dinhtungdu, @dustinrue, @ciprianimike, @jeffpaul, @aosmichenko, @okadots via #300).
• Added: Support for adding notes when importing redirects (props @barryceelen, @cadic, @jayedul via #277).
• Added: “Build release zip” GitHub Action (props @iamdharmesh, @cadic, @faisal-alvi via #293).
• Added: GitHub Action summary added Cypress test report (props @jayedul, @peterwilsoncc, @iamdharmesh via #314).
• Added: – Dependency review Github action (props @jeffpaul, @Sidsector9 via #317).
• Changed: Bumped PHP minimum supported version from 5.6 to 7.4 (props @csloisel, @dkotter, @vikrampm1 via #289).
• Changed: Bumped WordPress minimum supported version from 4.6 to 5.7 (props @csloisel, @dkotter, @vikrampm1 via #289).
• Changed: Bumped PHPCS compat script to use 7.4 as test version (props @csloisel, @dkotter, @vikrampm1 via #289).
• Changed: Bumped WordPress “test up to” version 6.2 (props @csloisel, @jayedul via #290, #310).
• Changed: Cypress integration migrated from 9.5.2 to 11.2.0 (props @jayedul, @cadic, @Sidsector9, @iamdharmesh via #295).
• Changed: Run E2E tests on the ZIP generated by “Build release zip” GitHub Action (props @jayedul, @cadic, @iamdharmesh, @dkotter via #306, #311).
• Changed: Status code dropdown is now sorted numerically (props @norcross, @Sidsector9 via #307).
• Removed: PHP versions < 7.4 from phpunit tests (props @csloisel, @dkotter, @vikrampm1 via #289).
• Fixed: Check non-active multisite directory against the main site redirects (props @phpbits, @dinhtungdu, @ciprianimike, @gsarig, @Sidsector9, @davidegreenwald, @turtlepod via #248).
• Fixed: Regex redirects without leading / are buggy (props @dhanendran, @peterwilsoncc via #279).
• Fixed: Issue with srm_additional_status_codes filter hook (props @Sidsector9, @faisal-alvi via #312).
• Security: Bump got from 10.7.0 to 11.8.5 (props @dependabot, @peterwilsoncc via #286).
• Security: Bump @wordpress/env from 4.9.0 to 5.3.0 (props @dependabot, @peterwilsoncc via #286).
• Security: Bump simple-git from 3.9.0 to 3.16.0 (props @dependabot, @Sidsector9, @peterwilsoncc via #294, #302).
• Security: Bump http-cache-semantics from 4.1.0 to 4.1.1 (props @dependabot, @peterwilsoncc via #305).

Earlier versions

For the changelog of earlier versions, please refer to the changelog on github.com.