Making .htaccess more efficient - apache

I have an .htaccess that I've cobbled together over the years using this site as a guide but hoping I can consolidate some of the lines to make it more efficient.
These lines do three things:
Redirect any non-www requests to the www variant;
Redirect any .com requests to the proper .org TLD;
Redirect any http to the proper https variant; 3.
Here's what I have:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteEngine On
RewriteCond %{http_host} ^example.com
RewriteRule ^(.*) https://www.example.org/$1 [R=301,L]
RewriteEngine On
RewriteCond %{HTTP_HOST} example\.org [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.org/$1 [R,L]
Is there a way to combine (at least some) of these functions into fewer lines?
I'm NOT having any problems, it's just the organizer in me that feels it could be neater.....
Thanks in advance for any suggestions!

# Rule #1
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
# Rule #2
RewriteCond %{http_host} ^example.com
RewriteRule ^(.*) https://www.example.org/$1 [R=301,L]
# Rule #3
RewriteCond %{HTTP_HOST} example\.org [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.org/$1 [R,L]
Yes, your rules can be optimised. Not least because they don't actually do what you say they do!
(I'm assuming you have no intention to implement HSTS?)
Redirect any .com requests to the proper .org TLD;
These directives don't actually redirect the .com variant to .org, as you suggest in your 2nd requirement. If you are seeing this redirect then it's not because of these directives. Most probably WordPress itself is doing this, later in the request.
For example...
Scenario #1:
Request http://www.example.com/ (or https://www.example.com/)
No redirects occur since the requested host does not match rule #1, #2 or #3
The request is not redirected to .org (or HTTPS in the case of a request to http://...)
scenario #2:
Request http://example.com/ (or https://example.com/)
Redirect to https://www.example.com/ (same domain) by rule #1
No further redirects occur as stated in "Scenario #1" above.
The request is not redirected to .org.
As you can see from these examples your rule #2 (that matches example.com only) doesn't actually do anything. It is always bypassed because rule #1 has already redirected the request to the www subdomain. It would be "better" if rule #1 and #2 were reversed, however, that still wouldn't resolve the issue when www.example.com (www subdomain) was requested, as nothing would happen still.
Other notes:
Rule #3 - HTTP to HTTPS redirect - is a temporary (302) redirect. This should be a 301, like the others.
No need to repeat the RewriteEngine On directive. It only needs to occur once in the file. (It is often seen repeated when .htaccess files are edited by "the machine", not code "by hand".) For readability, this should be at the top of the file. However, if you have multiple RewriteEngine directives it's actually the last instance that wins and controls the entire file (which may not be intuitive). eg. If you put a RewriteEngine Off directive at the very end of the .htaccess file then... it's off for the whole file, despite any RewriteEngine directives you might have preceding this.
Simplified (and "fixed"):
Redirect any non-www requests to the www variant;
Redirect any .com requests to the proper .org TLD;
Redirect any http to the proper https variant; 3
These 3 requirements are only satisfied if everything redirects to www + .org + HTTPS. ie. Everything must redirect to https://www.example.org/ (the canonical URL).
So, your existing 3 rules can be reduced to a single rule, in order to satisfy your 3 requirements. ie. If the request is not for https://www.example.org/ then redirect to https://www.example.org/.
RewriteEngine On
# If not the canonical host OR not HTTPS then redirect to HTTPS + canonical host
RewriteCond %{HTTP_HOST} !^www\.example\.org$ [OR]
RewriteCond %{SERVER_PORT} 80
RewriteRule (.*) https://www.example.org/$1 [R=301,L]
We don't need to reference example.com at all here, since we are only concerned whether it is not the canonical host.
And, since this is a WordPress site, this redirect must go before the WP front-controller, near the top of your .htaccess file.

You won't need to repeatedly write RewriteEngine On. Once is enough.
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^example\.com
RewriteRule ^(.*)$ https://www.example.org/$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Related

.htaccess - SSL redicect condition for one specific domain not working

I have an apache server with multiple websites hosted:
main-website.com
subdomain1.main-website.com
subdomain2.main-website.com
another-website1.com
another-website2.com
another-website3.com
I need to redirect only https://www.main-website.com to https://www.main-website.com
The subdomains and all the other websites don't need a ssl certificate; therefore I want to exclude them from redirection by specifying that only main-website needs to be redirected.
This is my .htaccess syntax (it seems correct having researched a lot on this topoic)
#NON-WWW to WWW (whis applies to all domains and subdomains)
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#redirect HTTP to HTTPS only for main-website.com:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} main-website.com [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
The condition of redirecting main-website.com has been specified, but it does not work! In fact every other domain and subdomain is redirected to HTTPS!!
Do you know where the error could be?
Thank you :)
There must be a typo in your question, you want to redirect from https://www.main-website.com to https://www.main-website.com I will take for granted you wanted to say http://www.main-website.com to https://www.main-website.com
So, your first RewriteCond-RewriteRule set rewrites:
somesite.com ---> https://www.somesite.com
But notice that you also force https in that rediction. Therefore any attempt to reach http://somesite.com will go to https://www.somesite.com
It is probably this rule set that is triggered by your other domains. That first rule should be to rewrite: non www to www, without forcing https at that point.
Then the next rule set will apply only to your main-website and send it to https.
#NON-WWW to WWW (whis applies to all domains and subdomains)
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#redirect HTTP to HTTPS only for main-website.com:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} main-website.com [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I have updated the first set of instructions. Still, it does not work :(

htaccess redirect for https, www and com to co.uk

I've been trying to solve this issue for hours now to no avail. To get to the point, I have identical domains with different TLDs, .com and .co.uk. Here's my htaccess file at the moment:
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# com to co.uk redirect
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.co.uk/$1 [R=301,L]
I've been trying to test the config here: http://htaccess.mwl.be/ but I'm getting some strange results, like the .com domain being appended to the .co.uk one.
It also seems like some rules work while others don't. The aim is all variations of example.com redirected to https://www.example.co.uk eg:
www.example.com
http://www.example.com
https://example.com
Can anyone see where I'm going wrong with this? I'm not very experienced with htaccess redirects so any help is appreciated.
You can use the following :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com$
RewriteRule ^ https://www.example.co.uk%{REQUEST_URI} [NE,L,R]
The rule above will redirect :
http://www.example.com
to
https://www.example.co.uk

Redirect to https always with www optimization using htaccess

I need to redirect everything to my domain to use https://www and below is the .htaccess I am currently using:
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
It is working but it makes 2 redirects to the browser one if missing the www and the second if missing the secure which is slow of course and may be bad.
What I want or my question is can this be reduced to single redirect rule to make it add both the www and the https in one rule.
This online test tool shows 2 redirects https://varvy.com/tools/ :
Final status code: 200
2 Redirect(s)
http://domain.com
301 redirect
https://domain.com/
https://domain.com/
301 redirect
https://www.domain.com/
Any good optimizations to this code.
You can use:
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
2 rules but never more than one redirection
You can use just 1 single rule
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
non-www to www redirect is not needed here because you want to redirect both versions to https://www .
Clear your browser's cache before testing this.

Redirect a.com/a.html to b.com/a.html

I need to redirect a.com/a.html to b.com/a.html htaccess Apache. I have several subdomains that are not being redirected to the b.com(which is fine). and the example below is only the first domain that needs to be redirected. Three other domains are needed to be redirected to b.com as well with all of their subpages as a.com/a.html to b.com/a.html. Any hints?
RewriteCond %{HTTP_HOST} ^(www\.)?nexus21\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^tvlift\.com$ [NC]
RewriteRule ^ http://www.tvlift.com%{REQUEST_URI} [L,NE,R=301]
I would do each subdomain redirect separately. That way it is cleaner and more maintainable. If you are redirecting few known files then name them directly.
RewriteEngine on
RewriteRule "^/foo\.html$" "bar.html" [R]
If there are lots of file or you will be adding in future then use a pattern
RewriteEngine on
RewriteRule "^/docs/(.+)" "http://new.example.com/docs/$1" [R,L]
See this page
http://httpd.apache.org

redirect http to https for some page in site in APACHE

I want to one of my site's page will use only HTTPS.
I have given manually link to all sites to https.
But I want that if user manually types that page URL with http then it should be redirected to https page.
So if user types:
http://example.com/application.php
then it should be redirected to
https://example.com/application.php
Thanks
Avinash
Here's a couple of lines I used in an .htaccess file for my blog, some time ago :
RewriteCond %{HTTP_HOST} =www.example.com
RewriteCond %{REQUEST_URI} ^/admin*
RewriteCond %{HTTPS} !=on
RewriteRule ^admin/(.*)$ https://www.example.com/admin/$1 [QSA,R=301,L]
Basically, the idea here is to :
determine whether the host is www.example.com
and the URL is /admin/*
Because I only wanted the admin interface to be in https
which means this second condition should not be useful, in your case
and https is off (i.e. the request was made as http)
And, if so, redirect to the requested page, using https instead of http.
I suppose you could use this as a starting point, for your specific case :-)
You'll probably just have to :
change the first and last line
remove the second one
Edit after the comment : well, what about something like this :
RewriteCond %{HTTP_HOST} =mydomain.com
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://mydomain.com/$1 [QSA,R=301,L]
Basically :
using your own domain name
removing the parts about admin
Try this rule:
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^application\.php$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
This rule is intended to be used in the .htaccess file in the document root of your server. If you want to use it in the server configuration file, add a leading slash to the pattern of RewriteRule.
use this:
RewriteEngine On
# Turn SSL on for /user/login
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/user/login
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
# Turn SSL off everything but /user/login
RewriteBase /
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/user/login
RewriteRule ^(.*)$ http://%{HTTP_HOST}$1 [R=301,L]
website
open httpd.conf or .htaccess file (mod_rewrite not required):
# vim httpd.conf
Append following line :
Redirect permanent / https://example.com/