← All Status Codes
301
Moved Permanently
↪️ Redirection Low Risk

📖 What Is HTTP 301?

The resource has been permanently moved to a new URL. Search engines will update their index to the new URL. Browsers will cache this redirect.

🛡️ Security Implications

Open redirect vulnerability if the Location header is constructed from user input without validation. Attackers can redirect users to phishing sites.

🔍 Common Causes

URL structure change, domain migration, HTTP to HTTPS redirect, or trailing slash normalization.

🔧 How to Fix

Verify the Location header is not constructed from user-controlled input. Use a whitelist of allowed redirect destinations.

🖥️ How to Check

curl -I -o /dev/null -w "%{http_code}" https://example.com

🔗 Related Redirection Codes

302
Found
303
See Other
304
Not Modified
307
Temporary Redirect
308
Permanent Redirect
📚 Learn Web Security — Free Course