Browsers will not send a referrer when linking from HTTPS to HTTP
- When your site is on HTTPS and you are linking or redirecting to a HTTP site, the browser will not send a referrer.
- This means the target site will see your traffic as "direct traffic", i.e. they cannot distinguish such hits from a user who directly typed in the URL.
It's probably because of:
Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.
It's not clear why this
SHOULD exists. One might think it's because of session IDs encoded in the URL (something that was in fashion in the 90s), but then again browsers do send referers when linking from HTTPS to HTTPS.
- Tunnel links through a non-HTTPS page (but test the effect because HTTP referers survive a 301 redirect)
- There's you can use in some modern browsers.
Your development team has a full backlog of feature requests, chores and refactoring coupled with deadlines? We are familiar with that. With our "DevOps as a Service" offering, we support developer teams with infrastructure and operations expertise.