In order of least to most advisable places to issue an HTTP 30X:
- DNS
- Well, it's impossible to perform an HTTP redirect with DNS, so this is right out.
- Application [eg: in PHP]
- You can do it here, but really you want to do as little host-based muckery in the application, mostly of the sake of separation of concerns.
-
.htaccess
- Server/Vhost Config
- Yes, this is where you should do it. Rewrites and redirects are parsed once at server start, and handled by highly-efficient code.
Very Late Edit:
I'd like to add that performing redirects in the application code is not necessarily a bad thing, but for simple www.
and other host/infrastructure-level redirects the simplicity can't be beat.
eg: foo.com
to www.foo.com
and :80
to :443
However, if you're also doing application redirects you need to have a bulletproof division between what redirects are handled by the the server and which are handled by the application. Otherwise you can descend into a circle of hell where the application and server disagree on how to redirect.
If that division is anything less than absolute then you're probably better off simply letting the application manage redirects entirely.