Moderation report for Enabling HTTP Secure (HTTPS)

I am reporting https://www.drupal.org/https-information to moderators because:

This documentation states:

You may want to redirect all traffic from http://yourdomain.com and http://www.yourdomain.com to https://youdormain.com. You can do that by adding this to your .htaccess file:

  RewriteCond %{HTTPS} off [OR]
  RewriteCond %{HTTP_HOST} ^www.example.com*
  RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]

Put that below RewriteEngine on.

Note that this approach is now recommended against by the Apache documentation, like already stated here. Use a Redirect like this instead.

Not sure if this is critical regarding security and probably needs a closer look of somebody with more server security administration background here. But I felt that this docs could not be left like it is in the mean time and I don’t know how to “mark” or “flag” it in a proper way. Aynone?


Source: https://www.drupal.org/project/issues/rss/documentation