Having an issue with some url rewrites.
I want to redirect all urls to https with no www
Currently I have :
1) Forces https with the (s) - working
http://example.com => https://example.com
2) Forces https with the (s) and removes www - working
http://www.example.com => https://example.com
3) Remove the www from the https with the (s) requests - failing
https://www.example.com => https://example.com
It seems as if it's not even reaching my htaccess code with an ERR_SSL_UNRECOGNIZED_NAME_ALERT
Site might be temporarily down or it may have moved permanently to a new web address.
This is what I have in my htaccess file
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.example.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</IfModule>
The site is hosted by Host Gator and I contacted support and was told that it's impossible to set this up because the site is built with Wordpress.
That didn't seem like the right answer to me so thought I'd ask here.
Any info appreciated.
Cheers
RewriteCond %{HTTPS} off will not detect HTTPS requests, so you may want to add another rule for HTTPS requests only (with the same/similar conditions), e.g.:
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
Instead of adding this, you can also simplify everything with an OR condition:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L]
</IfModule>
Which means, if HTTPS is null or off OR the domain does not start with example.com, redirect to https://example.com.
Amusing that the support believes that Wordpress somehow prevents .htaccess to be used, but I wonder if your host may have certain .htaccess restrictions, preventing plugins that rely on it (e.g. BulletProof Security) to work properly.
Related
I have a Wordpress website and to force all traffics over HTTPS, I 've used the code below in .htaccess file:
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Although, I can visit website on https:// mode well, and there is not any other issue on the certificate, any redirect from http:// to https:// does not happen! May you tell me what is the problem?
Note: All other htaccess conditions and rules are working.
This is my working solution to redirect all http pages to https at the very top of my WordPress .htaccess file and in any case before # BEGIN WordPress directives.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# # Redirection vers HTTPS
RewriteCond %{SERVER_PORT} ^80$ [OR]
RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
#
</IfModule>
I am trying to redirect my domain
http://atc-logistics.ie
and
http://www.atc-logistics.ie
to
https://www.atc-logistics.ie
My hosting company gave me this code for the .htaccess file:
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTPS_HOST} ^atc-logistics.ie [NC]
RewriteRule ^(.*)$ https://www.atc-logistics.ie/$1 [L,R=301]
and are insisting that there this is correct and something else is causing a redirect so it keeps rebounding back to http://atc-logistics.ie. I can't see any other redirects and there are no redirect plugins (Wordpress).
Can anyone let me know if the redirect above is correct? I am really struggling and the hosting company don't seem to be able to help!
The htaccess redirect system I use is this:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
And that works fine for me.
It checks if the host does not begin www. and then diverts to the www. address before then checking if the protocol is Secure and then if it is not forces redirect to the HTTPS, using the previously set HOST and URI address values.
I know this question was asked so many times on SO, and I found all the relevant answers to my post, but my situation is a bit more unique, therefore I couldn't use the given answers as solution for my problem.
I have a website http://www.example.com which has a folder with the name: secure.
When a user tries to go to http://www.example.com/secure, he should be redirected to the HTTPS version of the site.
Now for the tricky part -
on the secure page there is only HTTPS links, as requested by every SSL certificate. specifically there is a link to https://www.example.com - but when a user clicks it, he should be redirected to the HTTP version of the site. as mentioned - the main page is not secure.
I figured I would need two Rewrite rules:
Redirecting everyone trying to get to http://www.example.com/secure to HTTPS protocol.
Redirecting everyone trying to get to https://www.example.com to HTTP protocol.
This is what i have now in .htaccess in the root directory of the domain based on another question I found here.
RewriteEngine On
RewriteBase /
# Turn SSL on for /secure
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/secure
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
# Turn SSL off everything but /secure
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/secure
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
This works fine for redirecting the secure page to HTTPS, but I can't figure out why it's not redirecting https://www.example.com to HTTP.
Also worth mentioning, I have the following code in the same .htaccess that I can't remove.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Try your rules based on THE_REQUEST variable instead of REQUEST_URI. THE_REQUEST variable represents original request received by Apache from your browser and it doesn't get overwritten after execution of some rewrite rules, unlike REQUEST_URI variable.
RewriteEngine On
RewriteBase /
# Turn SSL on for /secure
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} /secure [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
# Turn SSL off everything but /secure
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} !/secure [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
Also better to test this in a new browser after clearing browser cache.
I'm working on a wordpress site. And just installed SSL. It has been installed correctly but I want to redirect visitors to the https url for certain pages only. I also want to force browser to use http for other pages.
I know this can be done with .htaccess and tried several things as well. But unable to get this as I need. I'm a novice at handling .haccess rewrite rules and can't find the docs that can guide me.
For example, I need to force browser to use https for this two urls:
http://www.example.com/sells/payment/
http://www.example.com/customer/login/
and for all other urls to just use normal http forcefully. What kind of rules I need to write?
Update 1
I also have a rule that redirects non-www url to a www url, and that might be conflicting with these rules. Here is how I redirect all non-www urls to www urls.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
The issue I'm facing is, after applying https rules, it is redirected to https://www.www.example.com/sells/payment/ which is a wrong url.
Any idea for fixing this?
Enable mod_rewrite and .htaccess through httpd.conf and then put this code in your .htaccess under DOCUMENT_ROOT directory:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteRule ^(sells/payment|customer/login)/ - [E=MY_URL:1]
RewriteCond %{HTTPS} off
RewriteCond %{ENV:MY_URL} 1
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
RewriteCond %{HTTPS} on
RewriteCond %{ENV:MY_URL} !=1
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
UPDATE:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteRule ^(sells/payment|customer/login)/ - [E=MY_URL:1]
RewriteCond %{HTTPS} off
RewriteCond %{ENV:MY_URL} 1
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
RewriteCond %{HTTPS} on
RewriteCond %{ENV:MY_URL} !=1
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
This what I've used consistently across my projects where I have similar use-cases as yourself:
RewriteCond %{SERVER_PORT}s ^(443(s)|[0-9]+s)$
RewriteRule ^(.+)$ - [env=askapache:%2]
# redirect urls with index.html to folder
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.html\ HTTP/
RewriteRule ^(([^/]+/)*)index\.html$ http%{ENV:askapache}://%{HTTP_HOST}/$1 [R=301,L]
# change // to /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)//(.*)\ HTTP/ [NC]
RewriteRule ^.*$ http%{ENV:askapache}://%{HTTP_HOST}/%1/%2 [R=301,L]
This is an excerpt from a site where I found the solution, so I can't take credit for it:
Smart HTTP and HTTPS .htaccess Rewrite
I haven't tried it, but can you handle it the same way you do cononcial URLs?
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com/your-page
RewriteRule (.*) https://www.example.com/your-page [R=301,L]
First, here's the .htaccess rule I currently use:
Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) http://example.com/$1 [R=301,L]
This is great, and redirects every link of my old domain to the very respective link in new domain. That is, http://olddomain.com/1.html is redirected to http://example.com/1.html and so forth.
But it doesn't redirect https://olddomain.com/1.html to https://example.com/1.html
And just so you know I tried, below are the rules I also happened to test. Unfortunately they're creating some kind of loop, and the redirection doesn't work.
Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) example.com/$1 [R=301,L]
and
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTPS} =on
RewriteRule (.*) example.com/$1 [R=301,L]
So, can someone give me the rules redirect http pages to http and https pages to https? Thanks.
#if https on
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
#else
RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]
Your HTTPS rewritecond is incorrect. Cond is a regex, not an quality test. It should be
RewriteCond %{HTTPS} !^on
The %{HTTPS} var will only ever contain on or off. Never =on, so the match fails and triggers the redirect, even if https really is on.
update
For an unconditional HTTP->HTTPS redirect you'd need to redirect to an https URL. Your version just detects if HTTPS is *OFF, then redirects to the same url, causing a loop. What you need is:
RewriteCond %{HTTPS} !^on
RewriteRule (.*) https://example.com/$1 [R=301,L]