I run an Apache server with ISPConfig 3 installed and WordPress. I applied rewrite rules so that all HTTP goes to HTTPS and all WWW goes to non-WWW.
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [QSA,L]
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ https://example.com$1 [QSA,L]
I put this in my WordPress htaccess, and the example.com.vhost file created by ISPConfig 3.
The problem is now, even with the QSA in the flags, the query string is removed. I have tried the flags:
[L,R]
[R=301,L]
[R=301,L,QSA]
[L,QSA]
[QSA,L]
I have checked apache2.conf, 000-default from ISPConfig, example.com.vhost, and .htaccess files for any rules that do not have QSA or R and have not found any.
I'm a RewriteRule novice, but I'm trying to wrap my head around this, what am I doing wrong?
EDIT: While in my WP dashboard, I noticed that query strings are present in the URLs. So while on the frontend my server drops the query string, on the backend the query string is preserved. So I'm thinking that the WordPress's .htaccess must be the issue, right?
Try with:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
Test for www before test with https
No need to add [QSA] if you do not add ? and new query string.
While experimenting never use the R=301 permanent redirect because it will make live very hard for you. With Firefox you need to delete the entire cache just to try again. A useful trick can be using the private navigation mode to test. Then at least you can ditch it and start up another one.
Query strings would be transferred automatically in a [R] redirect. Unless maybe there is some QSD before or you put a ? inside the RewriteRule.
Can you try it like this?
RewriteEngine on
RewriteCond %{HTTPS} ^off$
RewriteRule . https://example.com%{REQUEST_URI} [R,L]
RewriteEngine on
RewriteCond %{HTTPS} ^on$
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule . https://example.com%{REQUEST_URI} [R,L]
Related
I'm having some issues with some .htaccess redirects only working in certain situations.
The code I have is
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
And here are the results of my tests
https://www.example.com redirects to http://example.com
https://example.com does nothing
https://www.example.com/page-name redirects to http://example.com/page-name
https://example.com/page-name does nothing
This is a WordPress site and the .htaccess code sits above the WordPress code. I have also tried it below too and I get the same results
It looks like the site didnt have an SSL attatched to it so the
RewriteCond %{HTTPS} on
rule was not working correctly.
Because of this I went down this method to fix the redirects and make it work in all of the test cases that I mentioned in the question.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
Use this in your .htaccess instead:
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ http://example.com%{REQUEST_URI} [R,L]
I'm assuming that you want www forced to not show, since you did not include it in the URL. If that is the case, include this extra condition to force it to not show:
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ http://example.com%{REQUEST_URI} [R,L]
Make sure you clear your cache before testing this.
I am wanting to redirect all my pages to https. Currently it is doing this but some websites when doing test state that I have to many redirects. This is basically what I have set up within my .htaccess file (for Wordpress)"
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
NOTE: I also have another redirect within this file for another reason, as I have changed my URLs and wanting them all to redirect using a 301:
RewriteBase /
RedirectMatch 301 /market/(.*)/ /product/$1
I'm basically wondering if I have done it all correctly or is there a simpler way so there is not so much redirects. I also notice within my Plesk panel there is an option for this. Any help would be great.
I suggest using thos code in your htaccess file to force HTTPS redirection (make sure to adjust URLs to your actual ones):
RewriteCond %{HTTP_HOST} !^domain\.local$ [NC]
RewriteCond %{HTTP_HOST} !^staging\.domain\.com$ [NC]
RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ [NC]
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteRule ^(.*)$ https://www.domain.com/$1 [L,R=301]
I've Wordpress site with WPML installed. I've done 2 things recently:
Move HTTP only to HTTPS only
Move http://domain.pl to https://domain.xyz (English)
Move http://domain.pl/pl to https://domain.pl (Polish)
This is done to improve SEO. However while I got that working without much problem using:
# BEGIN HTTPS
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} ^80$
#RewriteCond %{HTTPS} !^on$
#RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</IfModule>
# END HTTPS
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
In apache.conf file ServerName domain.xyz, ServerAlias domain.pl www.domain.pl and so on. I'm having problems with most of my old blog posts that are around the internet in different forms. For example:
This little entry http://domain.pl/email-address-policy/ redirects properly to https://domain.xyz/email-address-policy/
This little entry http://domain.pl/powershell-write-host doesn't. It simply goes to https://domain.pl/powershell-write-host which is 404 and that's it.
It seems that last / is making huge difference.
I've planned to add all redirects in even direct form 1 to 1 to new domain but since it's partially working, partially not I'm kind of lost... and I am not sure how I could translate them correctly.
EDIT:
I've tried multiple options, even one that supposedly rewrites all links to end with / and it still fails.
# BEGIN HTTPS
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#RewriteCond %{SERVER_PORT} ^80$
#RewriteCond %{HTTPS} !^on$
#RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
#RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
#RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
#RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} !^on$
#RewriteRule (.*) https://evotec.xyz/$1 [R=301,L]
#RewriteRule (.*) https://%{SERVER_NAME%}/$1 [R=301,L]
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_URI} !(.*)/$
#RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1/ [L,R=301]
#RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteCond %{REQUEST_FILENAME} !\.(gif|jpg|png|jpeg|css|js)$ [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1/ [L,R=301]
</IfModule>
# END HTTPS
Another update:
https://domain.xyz/url-is-here - works correctly
https://domain.xyz/url-is-here/ - works correctly
https://domain.pl/url-is-here - doesn't work, isn't convered to https://domain.xyz/url-is-here/
https://domain.pl/url-is-here/ - convers correctly to https://domain.xyz/url-is-here/
So it's not entirely not working for all slash vs non-slash. It's more about translation of some sort that doesn't happen if it points to old domain.
I've tried using Redirect Checker to see how it works (on proper example) but I can't make any meaning from it.
Check of http://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1
http://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1 301
Moved Permanently
https://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1/
301 Moved Permanently
https://evotec.xyz/hub/scripts/office365-addbulkemailaddressses-ps1/
200 OK
Check of http://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1/
http://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1/ 301
Moved Permanently
https://evotec.xyz/hub/scripts/office365-addbulkemailaddressses-ps1/
200 OK
Check of https://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1
https://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1
404 Not Found
The more options I try the weirder it gets. While the RedirectChecker seems to be showing one thing ... browser is behaving a bit different and doesn't work for the first entry anyways causing 404 straight away
Edit:
If I leave only "Wordpress" data following is true:
http://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1
gets 404 http://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1 exactly as is
http://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1/ gets https://evotec.xyz/hub/scripts/office365-addbulkemailaddressses-ps1/
https://evotec.pl/hub/scripts/office365-addbulkemailaddressses-ps1 gets 404 exactly as is
It only works properly if i use the correct/new domain then all works properly:
https://evotec.xyz/hub/scripts/office365-addbulkemailaddressses-ps1
https://evotec.xyz/hub/scripts/office365-addbulkemailaddressses-ps1
http://evotec.xyz/hub/scripts/office365-addbulkemailaddressses-ps1
http://evotec.xyz/hub/scripts/office365-addbulkemailaddressses-ps1/
I guess if I can't redirect it, i will leave it as it is and just give up.
I've actually solved it by using SEO Redirection Premium plugin for Wordpress.
It's able to redirect broken links without /. In this case I've done it manually but I'm working on a way to do it in more global way with Regex. Just need to find proper one.
Create a .htaccess file with the below code, it will ensure that all your directories and pages of your old domain will get correctly redirected to your new domain.
The .htaccess file needs to be placed in the root directory of your old website (i.e the same directory where your index file is placed)
Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) https://www.newdomain.com/$1 [R=301,L]
Please REPLACE www.newdomain.com in the above code with your actual domain name.
In addition to the redirect I would suggest that you contact every backlinking site to modify their backlink to point to your new website(For SEO).
Note* This .htaccess method of redirection works ONLY on Linux servers having the Apache Mod-Rewrite moduled enabled.
And Then for http to https :
RewriteCond %{HTTP_HOST} ^domain\.com.au$ [OR]
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://www.domain.com.au/$1 [R,L]
And additionally you also can add the below code in wp-config.php
define('WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST']);
define('WP_HOME', 'https://' . $_SERVER['HTTP_HOST']);
Note*: This may not work for you not tried, but you should try once and let me know.
I have a wordpress setup that I am going to host a payment portal on now
I just want to redirect all the urls that contain the word training
I have these rules in my .htaccess file but they dont work
RewriteCond %{REQUEST_URI} training
RewriteRule https://{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Just to be clear not query string parameters. But a part of the url
e.g.
www.abc.com/training/ should got to https://www.abc.com/training/
www.abc.com/training/test123/ should got to https://www.abc.com/trainig/test123/
You are missing a % before {HTTP_HOST}, it will be like this:
RewriteCond %{HTTPS} !=on
RewriteRule ^training/(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
I suppose it is what you are looking for:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} training [NC]
RewriteRule ^(?:http[s]?:\/\/)?(.*)$ https://$1 [R=301,L]
Unfortunately, this world is far not perfect, and there is no reliable online-testing tool for mod_rewrite, so the last line could possibly be different:
RewriteRule ^(?:http[s]?:\/\/)?(.*)$ https://%1/$1 [R=301,L]
We've got a shopping site which we're hosting on a shared host (Mediatemple Gridserver). Some parts of the site need to use HTTPS (checkout etc) but the rest should be using HTTP.
Does anyone know how we can always force the correct use of HTTP/HTTPS for particular URLs? We've had it working in various states but we can't get a request for a page that should be on HTTP but is requested with HTTPS to switch back correctly.
I've had a look around SO but couldn't find a suitable answer to this.
I use something similar to this for my admin folder in wordpress:
#redirect all https traffic to http, unless it is pointed at /checkout
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/checkout/?.*$
RewriteRule ^(.*)$ http://mydomain.com/$1 [R=301,L]
The RewriteCond %{HTTPS} on portion may not work for all web servers. My webhost requires RewriteCond %{HTTP:X-Forwarded-SSL} on, for instance.
If you want to force the reverse, try:
#redirect all http traffic to https, if it is pointed at /checkout
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/checkout/?.*$
RewriteRule ^(.*)$ https://mydomain.com/$1 [R=301,L]
If you want some alternate ways to do it, check out askapache.
This should work in pretty much every scenario and should work in your actual vhost or .htaccess:
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}/%{REQUEST_URI} [R=301,L]
(do not forget the slash before %{REQUEST_URI} as this may allow passing a portnumber, which is dangerous)
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{SERVER_NAME}/%{REQUEST_URI} [R=301,L]
I had some problem being behind a loadballancer. This how i fixed it.
As detailed in this answer, fix your application to use https:// links when needed. Don't rely on automatic redirections, this could lead you to a false sense of security if you haven't made your links/forms served over https:// go to https:// URLs too. Using mod_rewrite automatically makes it harder to detect such mistakes (which can also be vulnerabilities).
For me worked this (I used it for wordpress site and redirecting to HTTPS). You have to add the condition and rule lines just behind RewriteEngine and RewriteBase lines:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# I added these two lines for redirect to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R=301,L]
# (end of custom modifications)
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress`
Have a look to condition RewriteCond %{HTTP:X-Forwarded-Proto} !https - only this worked for my server hosting.
(I tried RewriteCond %{SERVER_PORT} !^443$ or RewriteCond %{HTTPS} off as well, but without success.
I think it should be:
RewriteCond %{HTTPS} =on
^/checkout(.*) http://shoppingsite.com/checkout$1 [R]
See the mod_rewrite documentation.