A few weeks ago, we have enabled two-factor authentication for all redirection.io customer accounts. While this feature has been fairly successful, we have found that helping to improve the security of user accounts was not enough. Some redirection.io customers have organization with dozens of users, and one single compromised account or password could result in the leakage of company sensitive data - traffic statistics, configured rules, etc.

So starting today, we're giving organization administrators a way to strengthen access to their organization's projects, by making a new security setting available. Organization administrators can now require all organization users to enable Two-factor authentication on their personal accounts.

A picture is worth a thousand words, so here is what it looks like:

You can find detailed explanations in the documentation about Organizations.

In the 1.6.0 release of the agent, we have introduced the test mode, a new way to help you test and try your redirect rules before they are published to your production servers. Historicaly, it was not possible to log the traffic from instances configured with this "test mode", which was meant for pre-production or testing servers - we estimated that it did not make much sense to log traffic from these platforms.

However, due to several requests on this topic, we have changed the behavior in the recent 2.1.0 release of the agent, and we have made it possible to enable HTTP traffic logging from instances using the "test mode". From now on, you can get a view of your live HTTP traffic logs even on "test" instances.

Another much-demanded feature about instances was the ability to configure their behavior directly within the agent.yml configuration file. We have introduced, also in the 2.1.0 release of the agent, the new test_mode and logging configuration, which can be used to statically set the configuration of agents server-side. If those keys are defined, you will not be able anymore to change this setting in the instances management interface:

We are announcing today two great improvements for your account and website security.

As of now, we support authenticating to redirection.io using a Google or a Microsoft account. If you used to login using your email and password, you can now safely login with Google or Microsoft, too. If logging in with an existing email address, you will continue to see your organizations and projets, like before.

For users who prefer to login using an email and a password, we have added the possibility to setup Two-factor authentication. We urge our customers to enable it and raise the level of protection of their redirection.io accounts.

Both of these new features are explained in details in the "User account and preferences" documentation page.

In the next weeks, we will allow organization administrators to enforce Two-factor authentication for all the users of their organization.

These new features are available to all our customers, whatever their projects plans, because we believe that security is a first class citizen.

Following the incident that affected our production infrastructure on March 10th, we have recently launched a new public status page to inform our customers of the current status of our platform and be able to clearly communicate when the service is down or disrupted.

The status page informs about several components of our infrastructure: our public website, the rules management interface, our APIs and endpoints, etc. You can find this page at https://redirectionio.statuspage.io/

In the mean time, we continue to perform the improvement actions listed in the post mortem of our last outage. We are also adding some exciting new features that should be coming soon... Stay tuned!

This morning, we have launched an improved way for managing roles within organizations and projects. In particular, these enhancements allow for the creation of "contributor" and "financial" users, with restricted permissions.

financial users can access billing information and invoices - this role is designed to fit the requirements of financial departments, which usually do not require access to all the project functionnality.

contributor users can create new rules or modify existing ones, but they can not publish rules, which means that they do not have direct access to the redirection rules that are executed on your public website. This is especially useful to allow an external SEO consulting company to contribute new redirect rules for your website, while having a way to control upstream what is going to be changed on your website.

Our documentation about permissions has been updated to reflect these changes.

Some times ago, we have been made aware that several customers found it difficult to figure out the concept of rules "rank".

The "rank" of a rule is helpful to elect the redirection to execute when several rules match a given request. However, many users were hesitating when configuring the rank: was the lower rank executed first, or after? Several other concerns about the "rank" have been raised, among others the fact that the rank could not be lower than 0, thus forbidding to insert new rules infront of already existing 0-level rules.

Therefore, we have renamed and migrated the "rank" model to a "priority" property, that can be attached to the redirect rules of your projects just like the rank did before. The legacy rank was somehow limited in the range 0-32768, so we have transformed it into a "priority" property, that can range from -32768 to 32767.

From now, if two redirection rules match a request, then the one with the higher priority will be applied. We have migrated all the existing redirection plans, so you do not notice any issue with existing rulesets.

As before, you can change the priority of each rule inside the rule creation/edition form. You can also add example requests to your rules, and have the relative priorities of rules be auto-defined when tweaking the rules order for a given example. Please read our guide about creating rules to learn more!

Today is a great day for redirection.io! We have released the v2.0.0 of the redirectionio-agent, the software component that runs redirection rules on the websites of our customers. This new version is the result of several months of hard work and includes many improvements. in addition to better overall agent performance, this release introduces new triggers and actions that will allow a much more powerful use of redirection.io.

Starting today, redirection.io users can create rules that are triggered by:

• the URL (or URL pattern)
• the HTTP method of the request
• the status code of the backend response
• the value of a request header

Used to create redirection rules? You can still do it with the new agent, of course, and you can also:

• override HTML meta tags (you know, the <title> tag at the top of every web page?)
• set the value of a response header
• inject arbitrary HTML code in your web pages

In the coming months, we will be adding more triggers and actions. However, for now, it means that configuring the following behaviors only takes a few clicks with redirection.io:

• I want to 302 redirect all the requests under /products/* for which the backend responded with a 404 - this can be useful to avoid 404 errors in product catalog pages, for example ;
• I want to 302 redirect the user to /fr if the X-GeoIP request header is defined and its value starts with fr
• I want to change the meta title and meta description on the page /products/example-product.html
• I want to add a meta og:image on every page of my website
• I want to add a x-frame-options response header to all the responses of my website, and set its value to SAMEORIGIN

Want more triggers or actions? Let us know!

• Read more about triggers and actions ⚡
• Read the detailed changelog

Since a long time, redirection.io offers a complete logging of all the HTTP traffic. This is very useful, as it gives a complete overview of the real traffic that your website receives, and helps us to build traffic dashboard and set priorities on which issues to fix first.

However, we wanted to go further and propose a proactive way to find issues within our customer websites. As part of our website HTTP traffic monitoring, we are opening today in private beta a brand new website crawler that our team has been working on quite heavily lately: the redirection.io website crawler.

The redirection.io website crawler makes it easy to spot issues on your website: broken links, thin content pages, duplicate meta tags, slow pages, etc. More than 60 indicators are extracted for each crawled page, which gives an exhaustive understanding on how a website behaves, and which optimizations can be setup to improve its technicalSEO. The crawler is completely integrated in the redirection.io manager, and we believe that it is a perfect complement to our redirection solution to help you find issues in your website (and fix them with redirect rules!).

The access to this crawler is offered for free to our paid customers during the beta period. Request a trial to the redirection.io crawler ➡️

We are launching today these "What's new on redirection.io?" pages, to let us explain the daily changes that are made to the redirection.io platform. We are constantly improving the solution, and have introduced many new features in the last year. With over 200 production deployments completed in 2020, and more intense work to come, we thought it was a good time to start sharing with our customers the changes that we make to redirection.io.

Our team is working every day very hard to improve our redirect solution and create innovative new features to solve SEO and web traffic management problems. Our roadmap contains great things for 2021, so this was the way to keep you informed! Our goal is to keep you up-to-date on new features that we launch, ask for your feedback, or share important product annoucements.

Fans of RSS feeds can subscribe to our "what's new?" feed ✨