diff --git a/core/server/utils/index.js b/core/server/utils/index.js
index 04617e9f3b..d74017bb5f 100644
--- a/core/server/utils/index.js
+++ b/core/server/utils/index.js
@@ -132,7 +132,6 @@ utils = {
     },
 
     readCSV: require('./read-csv'),
-    removeOpenRedirectFromUrl: require('./remove-open-redirect-from-url'),
     zipFolder: require('./zip-folder'),
     generateAssetHash: require('./asset-hash'),
     tokens: require('./tokens'),
diff --git a/core/server/web/middleware/uncapitalise.js b/core/server/web/middleware/uncapitalise.js
index a847e0f317..d9a7267c34 100644
--- a/core/server/web/middleware/uncapitalise.js
+++ b/core/server/web/middleware/uncapitalise.js
@@ -14,7 +14,7 @@
 
 var urlService = require('../../services/url'),
     common = require('../../lib/common'),
-    globalUtils = require('../../utils'),
+    localUtils = require('../utils'),
     uncapitalise;
 
 uncapitalise = function uncapitalise(req, res, next) {
@@ -46,10 +46,7 @@ uncapitalise = function uncapitalise(req, res, next) {
      * That encoding isn't useful here, as it triggers an extra uncapitalise redirect, so we decode the path first
      */
     if (/[A-Z]/.test(decodedURI)) {
-        redirectPath = (
-            globalUtils.removeOpenRedirectFromUrl((req.originalUrl || req.url).replace(pathToTest, pathToTest.toLowerCase()))
-        );
-
+        redirectPath = (localUtils.removeOpenRedirectFromUrl((req.originalUrl || req.url).replace(pathToTest, pathToTest.toLowerCase())));
         return urlService.utils.redirect301(res, redirectPath);
     }
 
diff --git a/core/server/utils/remove-open-redirect-from-url.js b/core/server/web/utils.js
similarity index 56%
rename from core/server/utils/remove-open-redirect-from-url.js
rename to core/server/web/utils.js
index a8b6883690..bab99e259f 100644
--- a/core/server/utils/remove-open-redirect-from-url.js
+++ b/core/server/web/utils.js
@@ -1,7 +1,10 @@
-var url = require('url');
+'use strict';
 
-function removeDoubleCharacters(character, string) {
-    var stringArray = string.split('');
+const url = require('url');
+let _private = {};
+
+_private.removeDoubleCharacters = function removeDoubleCharacters(character, string) {
+    let stringArray = string.split('');
 
     return stringArray.reduce(function (newString, currentCharacter, index) {
         if (
@@ -13,19 +16,17 @@ function removeDoubleCharacters(character, string) {
 
         return newString + currentCharacter;
     }, '');
-}
+};
 
-function removeOpenRedirectFromUrl(urlString) {
-    var parsedUrl = url.parse(urlString);
+module.exports.removeOpenRedirectFromUrl = function removeOpenRedirectFromUrl(urlString) {
+    let parsedUrl = url.parse(urlString);
 
     return (
         // http://
         (parsedUrl.protocol ? parsedUrl.protocol + '//' : '') +
         (parsedUrl.auth || '') +
         (parsedUrl.host || '') +
-        removeDoubleCharacters('/', parsedUrl.path) +
+        _private.removeDoubleCharacters('/', parsedUrl.path) +
         (parsedUrl.hash || '')
     );
-}
-
-module.exports = removeOpenRedirectFromUrl;
+};