I have a wordpress setup that I am going to host a payment portal on now
I just want to redirect all the urls that contain the word training
I have these rules in my .htaccess file but they dont work
RewriteCond %{REQUEST_URI} training
RewriteRule https://{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Just to be clear not query string parameters. But a part of the url
e.g.
www.abc.com/training/ should got to https://www.abc.com/training/
www.abc.com/training/test123/ should got to https://www.abc.com/trainig/test123/
You are missing a % before {HTTP_HOST}, it will be like this:
RewriteCond %{HTTPS} !=on
RewriteRule ^training/(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
I suppose it is what you are looking for:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} training [NC]
RewriteRule ^(?:http[s]?:\/\/)?(.*)$ https://$1 [R=301,L]
Unfortunately, this world is far not perfect, and there is no reliable online-testing tool for mod_rewrite, so the last line could possibly be different:
RewriteRule ^(?:http[s]?:\/\/)?(.*)$ https://%1/$1 [R=301,L]
Related
I need to redirect any bridges.edu URLs to losangeles.bridges.edu EXCEPT for the www.bridges.edu itself, the wp-admin directory, and wp-login.php. The first objective (site redirect save for www.bridges.edu) works fine with following coding:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?bridges\.edu$ [NC]
RewriteRule ^.+$ http://losangeles.bridges.edu%{REQUEST_URI} [L,R=301]
However, when I try to exclude the wordpress directories and login, I either get a 500 error using something like the following:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [L]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$ [L]
RewriteCond %{HTTP_HOST} ^(www\.)?bridges\.edu$ [NC]
RewriteRule ^.+$ http://losangeles.bridges.edu%{REQUEST_URI} [L,R=301]
Or I essentially get page not found/server unavailable error as it tries to resolve to non-existent /wp-admin or wp-login.php locations on losangeles.bridges.edu using something like this:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^(.*)?wp-login\.php(.*)$
RewriteCond %{REQUEST_URI} !^(.*)?wp-admin$
RewriteCond %{HTTP_HOST} ^(www\.)?bridges\.edu$ [NC]
RewriteRule ^.+$ http://losangeles.bridges.edu%{REQUEST_URI} [L,R=301]
I've tried several other iterations of the preceding based on a bunch of posts I've found here and on other sites, but I can't quite get it to work.
And apologies if I'm missing something simple; I'm an editor with a decent amount of coding knowledge, but I'm certainly not a developer! (Also, my first post here -- sorry if I've misformatted something. I was sure to look through as many similar posts as possible before creating this one.)
You can use the following :
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?bridges\.edu$ [NC]
RewriteCond %{REQUEST_URI} !wp-admin [NC]
RewriteCond %{REQUEST_URI} !wp-login\.php [NC]
RewriteRule ^.+$ http://losangeles.bridges.edu%{REQUEST_URI} [L,R=301]
Make sure to clear your browser caches before checking this redirect.
I'm having some issues with some .htaccess redirects only working in certain situations.
The code I have is
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
And here are the results of my tests
https://www.example.com redirects to http://example.com
https://example.com does nothing
https://www.example.com/page-name redirects to http://example.com/page-name
https://example.com/page-name does nothing
This is a WordPress site and the .htaccess code sits above the WordPress code. I have also tried it below too and I get the same results
It looks like the site didnt have an SSL attatched to it so the
RewriteCond %{HTTPS} on
rule was not working correctly.
Because of this I went down this method to fix the redirects and make it work in all of the test cases that I mentioned in the question.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
Use this in your .htaccess instead:
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ http://example.com%{REQUEST_URI} [R,L]
I'm assuming that you want www forced to not show, since you did not include it in the URL. If that is the case, include this extra condition to force it to not show:
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ http://example.com%{REQUEST_URI} [R,L]
Make sure you clear your cache before testing this.
I am wanting to redirect all my pages to https. Currently it is doing this but some websites when doing test state that I have to many redirects. This is basically what I have set up within my .htaccess file (for Wordpress)"
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
NOTE: I also have another redirect within this file for another reason, as I have changed my URLs and wanting them all to redirect using a 301:
RewriteBase /
RedirectMatch 301 /market/(.*)/ /product/$1
I'm basically wondering if I have done it all correctly or is there a simpler way so there is not so much redirects. I also notice within my Plesk panel there is an option for this. Any help would be great.
I suggest using thos code in your htaccess file to force HTTPS redirection (make sure to adjust URLs to your actual ones):
RewriteCond %{HTTP_HOST} !^domain\.local$ [NC]
RewriteCond %{HTTP_HOST} !^staging\.domain\.com$ [NC]
RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ [NC]
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteRule ^(.*)$ https://www.domain.com/$1 [L,R=301]
I run an Apache server with ISPConfig 3 installed and WordPress. I applied rewrite rules so that all HTTP goes to HTTPS and all WWW goes to non-WWW.
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [QSA,L]
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ https://example.com$1 [QSA,L]
I put this in my WordPress htaccess, and the example.com.vhost file created by ISPConfig 3.
The problem is now, even with the QSA in the flags, the query string is removed. I have tried the flags:
[L,R]
[R=301,L]
[R=301,L,QSA]
[L,QSA]
[QSA,L]
I have checked apache2.conf, 000-default from ISPConfig, example.com.vhost, and .htaccess files for any rules that do not have QSA or R and have not found any.
I'm a RewriteRule novice, but I'm trying to wrap my head around this, what am I doing wrong?
EDIT: While in my WP dashboard, I noticed that query strings are present in the URLs. So while on the frontend my server drops the query string, on the backend the query string is preserved. So I'm thinking that the WordPress's .htaccess must be the issue, right?
Try with:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
Test for www before test with https
No need to add [QSA] if you do not add ? and new query string.
While experimenting never use the R=301 permanent redirect because it will make live very hard for you. With Firefox you need to delete the entire cache just to try again. A useful trick can be using the private navigation mode to test. Then at least you can ditch it and start up another one.
Query strings would be transferred automatically in a [R] redirect. Unless maybe there is some QSD before or you put a ? inside the RewriteRule.
Can you try it like this?
RewriteEngine on
RewriteCond %{HTTPS} ^off$
RewriteRule . https://example.com%{REQUEST_URI} [R,L]
RewriteEngine on
RewriteCond %{HTTPS} ^on$
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule . https://example.com%{REQUEST_URI} [R,L]
We've got a shopping site which we're hosting on a shared host (Mediatemple Gridserver). Some parts of the site need to use HTTPS (checkout etc) but the rest should be using HTTP.
Does anyone know how we can always force the correct use of HTTP/HTTPS for particular URLs? We've had it working in various states but we can't get a request for a page that should be on HTTP but is requested with HTTPS to switch back correctly.
I've had a look around SO but couldn't find a suitable answer to this.
I use something similar to this for my admin folder in wordpress:
#redirect all https traffic to http, unless it is pointed at /checkout
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/checkout/?.*$
RewriteRule ^(.*)$ http://mydomain.com/$1 [R=301,L]
The RewriteCond %{HTTPS} on portion may not work for all web servers. My webhost requires RewriteCond %{HTTP:X-Forwarded-SSL} on, for instance.
If you want to force the reverse, try:
#redirect all http traffic to https, if it is pointed at /checkout
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/checkout/?.*$
RewriteRule ^(.*)$ https://mydomain.com/$1 [R=301,L]
If you want some alternate ways to do it, check out askapache.
This should work in pretty much every scenario and should work in your actual vhost or .htaccess:
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}/%{REQUEST_URI} [R=301,L]
(do not forget the slash before %{REQUEST_URI} as this may allow passing a portnumber, which is dangerous)
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{SERVER_NAME}/%{REQUEST_URI} [R=301,L]
I had some problem being behind a loadballancer. This how i fixed it.
As detailed in this answer, fix your application to use https:// links when needed. Don't rely on automatic redirections, this could lead you to a false sense of security if you haven't made your links/forms served over https:// go to https:// URLs too. Using mod_rewrite automatically makes it harder to detect such mistakes (which can also be vulnerabilities).
For me worked this (I used it for wordpress site and redirecting to HTTPS). You have to add the condition and rule lines just behind RewriteEngine and RewriteBase lines:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# I added these two lines for redirect to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R=301,L]
# (end of custom modifications)
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress`
Have a look to condition RewriteCond %{HTTP:X-Forwarded-Proto} !https - only this worked for my server hosting.
(I tried RewriteCond %{SERVER_PORT} !^443$ or RewriteCond %{HTTPS} off as well, but without success.
I think it should be:
RewriteCond %{HTTPS} =on
^/checkout(.*) http://shoppingsite.com/checkout$1 [R]
See the mod_rewrite documentation.