I am wanting to redirect all my pages to https. Currently it is doing this but some websites when doing test state that I have to many redirects. This is basically what I have set up within my .htaccess file (for Wordpress)"
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
NOTE: I also have another redirect within this file for another reason, as I have changed my URLs and wanting them all to redirect using a 301:
RewriteBase /
RedirectMatch 301 /market/(.*)/ /product/$1
I'm basically wondering if I have done it all correctly or is there a simpler way so there is not so much redirects. I also notice within my Plesk panel there is an option for this. Any help would be great.
I suggest using thos code in your htaccess file to force HTTPS redirection (make sure to adjust URLs to your actual ones):
RewriteCond %{HTTP_HOST} !^domain\.local$ [NC]
RewriteCond %{HTTP_HOST} !^staging\.domain\.com$ [NC]
RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ [NC]
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteRule ^(.*)$ https://www.domain.com/$1 [L,R=301]
Related
I have a specific .htaccess defined as is, in order to reroute all traffic from root folder to identical URL in a subfolder with exceptions on sub-domains.
Here's my file:
#RewriteEngine on
#RewriteRule ^(.*)$ http://www.mydomain.fr/blog/$1 [R=301,QSA]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^joe\.mydomain\.fr$ [NC]
RewriteCond %{HTTP_HOST} !^lab\.mydomain\.fr$ [NC]
RewriteCond %{REQUEST_URI} !^joe(.*)
RewriteCond %{REQUEST_URI} !^lab(.*)
RedirectMatch ^/$ http://www.mydomain.fr/blog/
</IfModule>
This file does exactly what I want: when I input something like www.mydomain.fr/wp-admin for example, it will redirect to www.mydomain.fr/blog/wp-admin, but will exclude subdomains joe.mydomain.fr and lab.mydomain.fr from redirection.
However, what happens is that if I go to joe.mydomain.fr?test=1, the server will simply redirect me to joe.mydomain.fr but the GET parameter disappears.
How can I avoid that?
I tried replacing [NC] with [QSA] or [R=301,QSA], but I get an Internal Server Error.
Thanks.
After spending my day documenting about how .htaccess files actually work, I was finally able to solve my problem with the following file, inspired by the one from Abhishek Gurjar:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /s
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^joe\.mydomain\.fr$ [NC]
RewriteCond %{HTTP_HOST} !^lab\.mydomain\.fr$ [NC]
RewriteCond %{HTTP_HOST} !^blog\.mydomain\.fr$ [NC]
RewriteCond %{REQUEST_URI} !/joe
RewriteCond %{REQUEST_URI} !/lab
RewriteRule ^(.*)$ http://www.mydomain.fr/blog/$1 [R=301]
</IfModule>
FYI, the 3 first lines are mandatory with my provider 1&1 apparently...
What I changed is the REQUEST_URI from being !^joe(.* ) and !^lab(.*) to !/joe and !/lab and then excluding the blog.mydomain.fr URL as well to avoid problems with blog.mydomain.fr/joe or blog.mydomain.fr/lab if ever one day I use them.
Finally, I had to redirect my sub-domains in my 1&1 client interface to the subfolders of my webspace instead of the URL in hard, meaning:
Instead of redirecting joe.mydomain.fr to http://www.mydomain.fr/joe, I redirect it to /www/joe/
That configuration now allows me to type in an URL such as joe.mydomain.fr?dnt=1 while getting redirected to http://www.mydomain.fr/joe?dnt=1 which is exactly what I wanted to do.
I hope this helps others.
Thanks for the help.
I am using WordPress. I need to force all pages to use HTTPS, expect one specific page that has an iframe with insecure content that cannot be replaced.
I have tried many different configurations in my .htaccess file. Some of them have worked better than other, but none of them have worked completely.
The problem I'm running into is that the navigation menus on the site use relative links. I've found some options that have allowed me to force HTTP on the iframe page, but then any navigation links clicked on that page (outside of the iframe) do not redirect back to the HTTPS version of those pages.
Here is one example I've come across that doesn't quite work.
<IfModule mod_rewrite.c>
RewriteEngine On
# Go to https if not on /iframe/
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/iframe/$ [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
# Go to http if you are on /iframe/
RewriteCond %{SERVER_PORT} !80
RewriteCond %{REQUEST_URI} ^/iframe/$ [NC]
RewriteRule ^(.*)$ https//www.example.com/$1 [R=301,L]
</IfModule>
You can use the following rules in your .htaccess file to achieve that. What this does is first check if HTTPs is not on, if not, then it will forward everything to HTTPs except for the directory /iframe/. The second rule checks if HTTPs is on, if so then it will redirect /frame/ back to HTTP.
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteCond %{REQUEST_URI} !^\/(iframe)
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]
RewriteCond %{HTTP:X-Forwarded-SSL} =on
RewriteCond %{REQUEST_URI} ^\/(iframe)
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]
Make sure you clear your cache before testing this.
EDIT:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/iframe/ [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} ^/iframe/ [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I'm having some issues with some .htaccess redirects only working in certain situations.
The code I have is
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
And here are the results of my tests
https://www.example.com redirects to http://example.com
https://example.com does nothing
https://www.example.com/page-name redirects to http://example.com/page-name
https://example.com/page-name does nothing
This is a WordPress site and the .htaccess code sits above the WordPress code. I have also tried it below too and I get the same results
It looks like the site didnt have an SSL attatched to it so the
RewriteCond %{HTTPS} on
rule was not working correctly.
Because of this I went down this method to fix the redirects and make it work in all of the test cases that I mentioned in the question.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
Use this in your .htaccess instead:
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ http://example.com%{REQUEST_URI} [R,L]
I'm assuming that you want www forced to not show, since you did not include it in the URL. If that is the case, include this extra condition to force it to not show:
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ http://example.com%{REQUEST_URI} [R,L]
Make sure you clear your cache before testing this.
I have googled for an hour about this, but none of the alternates are working for me. My goal:
301 Redirect from http://www.domain.com/guides/men/ to https://www.domain.com/guides/men/
I have tried both of these solutions suggested on other pages and neither worked. I keep seeing the http version of the page in both cases:
http://stackoverflow.com/questions/4762859/htaccess-redirect-subfolder-to-https
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(guides/men/.*)$ https://www.example.com/$1 [R=301,L]
http://stackoverflow.com/questions/9642877/redirect-only-one-folder-to-https-all-others-to-http
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} secure
RewriteRule ^(.*)$ https://www.example.com/guides/men/$1 [R=301,L]
At this point Im wondering if its my syntax, or placement within (a very large htaccess file - nearly 2,300 lines of redirects due to a recent major site migration). I was putting it at the bottom of the file.
This should work.
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(guides/men/.*)$ https://www.domain.com/$1 [R=301,L]
I'm working on a wordpress site. And just installed SSL. It has been installed correctly but I want to redirect visitors to the https url for certain pages only. I also want to force browser to use http for other pages.
I know this can be done with .htaccess and tried several things as well. But unable to get this as I need. I'm a novice at handling .haccess rewrite rules and can't find the docs that can guide me.
For example, I need to force browser to use https for this two urls:
http://www.example.com/sells/payment/
http://www.example.com/customer/login/
and for all other urls to just use normal http forcefully. What kind of rules I need to write?
Update 1
I also have a rule that redirects non-www url to a www url, and that might be conflicting with these rules. Here is how I redirect all non-www urls to www urls.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
The issue I'm facing is, after applying https rules, it is redirected to https://www.www.example.com/sells/payment/ which is a wrong url.
Any idea for fixing this?
Enable mod_rewrite and .htaccess through httpd.conf and then put this code in your .htaccess under DOCUMENT_ROOT directory:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteRule ^(sells/payment|customer/login)/ - [E=MY_URL:1]
RewriteCond %{HTTPS} off
RewriteCond %{ENV:MY_URL} 1
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
RewriteCond %{HTTPS} on
RewriteCond %{ENV:MY_URL} !=1
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
UPDATE:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteRule ^(sells/payment|customer/login)/ - [E=MY_URL:1]
RewriteCond %{HTTPS} off
RewriteCond %{ENV:MY_URL} 1
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
RewriteCond %{HTTPS} on
RewriteCond %{ENV:MY_URL} !=1
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
This what I've used consistently across my projects where I have similar use-cases as yourself:
RewriteCond %{SERVER_PORT}s ^(443(s)|[0-9]+s)$
RewriteRule ^(.+)$ - [env=askapache:%2]
# redirect urls with index.html to folder
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.html\ HTTP/
RewriteRule ^(([^/]+/)*)index\.html$ http%{ENV:askapache}://%{HTTP_HOST}/$1 [R=301,L]
# change // to /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)//(.*)\ HTTP/ [NC]
RewriteRule ^.*$ http%{ENV:askapache}://%{HTTP_HOST}/%1/%2 [R=301,L]
This is an excerpt from a site where I found the solution, so I can't take credit for it:
Smart HTTP and HTTPS .htaccess Rewrite
I haven't tried it, but can you handle it the same way you do cononcial URLs?
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com/your-page
RewriteRule (.*) https://www.example.com/your-page [R=301,L]