I know this is a question that is asked several time. I tried several rules but redirection of https://example.com to https://www.example.com is not working.
My current redirection rule in the Apache vHost of non SSL is pasted below
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L,NE
The above rule works fine for http://example.com and http://www.example.com
I find it. This needs to be added in the ssl vhost file.
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L,NE]
My current redirection rule in the apache vHost of non SSL is pasted below
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L,NE
You already have a solution, but as you have found, the above redirect will obviously only apply to HTTP requests when in the "vhost of non ssl". In this case, the HTTPS server variable is always "off" - so the first RewriteCond directive is entirely redundant.
However, you don't need mod_rewrite at all when redirecting from HTTP to HTTPS in the HTTP-virtualhost. A simple mod_alias Redirect will do the job much "better":
Redirect 301 / https://www.example.com/
Related
I have a site example.com and also a subdomain and I want the following redirect:
subdomain.example.com -> www.subdomain.example.com
example.com -> www.example.com
I use the following code
RewriteEngine On
# Force www. always and SSL
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301, L]
# Force SSL if already www.
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301, L]
Now the problem is that subdomain.example.com doesn't redirect but subdomain.example.com/ does.
I also get a Server Error when going to example.com, although it does redirect to www. correctly.
The point with these redirects is so that I can in the same .htaccess file in the root folder hopefully redirect the subdomains to subdomain.com more easily, I have several domains on one server.
I think you can combine the directives together like this:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(.*)$ [NC]
RewriteRule (.*) https://www.%1/$1 [R=301,L]
=> Check if HTTPS is off, or if the domain name does not begin with www, and then redirect to https://www.whatever.
I have a site that is getting a lot of traffic so performance is critical. I'm using apache and ubuntu.
I'm trying to redirect all possible domain possibilities to https://example.com including all subdomains (https://test.example.com).
Here is what I have currently:
RewriteEngine On
# match any URL with www and rewrite it to https without the www
RewriteCond %{HTTP_HOST} ^(www\.)(.*) [NC]
RewriteRule (.*) https://%2%{REQUEST_URI} [L,R=301]
# match urls that are non https (without the www)
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^(www\.)(.*) [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I feel like the above code is doing extra rerouting/work. Is there a more straight forward solution (for a faster performance) either in the virtual host file or .htaccess?
Thanks!
You can combine all three conditions
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L]
Explanation: if not https OR not example.com then redirect to https://example.com/xxx
To answer your question about performance: rewriting in .htaccess may be slower than rewriting in Apache config file.
I wrote an .htaccess script that appears to work. However I'm new to Apache and often times I find out later that something I put together should have been constructed differently or with better semantics.
The goal of my code is to make sure that www and HTTPS are always present in the url. I'm using 302 for testing purposes. Put simply is this code jacked up? Is there something painfully obvious that I should change?
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.example.com%{REQUEST_URI} [R=302,L]
</IfModule>
To enforce https and www , you can use this :
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)$
RewriteRule ^ https://www.%2%{REQUEST_URI} [NE,L,R]
This will redirect http://example.com or https://example.com to https://www.example.com
So I have a website which is currently running under 4 variations:
http://www.example.com / https://www.example.com
&
http://example.com / https://example.com
I am working on a solution to have all variations redirecting to:
https://www.example.com
I have read lots about how to use an Apache domain 301 redirect to solve the http to https (there seems to be lots of formulas), however I am wondering if there is a more efficient code to have all these variations 301 redirecting to the https://www. version?
Any help would be greatly appreciated as I am a complete noob when it comes to server-side htaccess language etc.
Thanks!
You can use a single 301 redirect rule to get both tasks done:
RewriteEngine On
# add www and http -> https
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]
To redirect to https://www , you can use :
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R=301]
basically what i want is redirect al request to use HTTPS instead of http
I have this in my htaccess so far and it worked great:
Code:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</ifModule>
today someone noticed that when going to:
http://www.example.com it redirects to and shows an unsecure connection thingie.
My ssl is setup for non www domain: mydomain.com
So i need to make sure all site requests are sent to non www and https:
It works fine if i put example.com it redirects to https://example.com
but with www.example.com it goes to htts://www.example.com and shows the error
what do i need to add to my code to redirect www to non www and then to ssl
?
You will have to re-issue your certificate for both www and without www.
If someone connects to your site via a domain name that is not included in your common name, they will receive a warning.
The ssl negociation process happens before any response from the server (in your case, a redirection), so in all cases, your visitors will receive a warning when using a domain that is not in your common name.
You can get what you need from the HTTP_HOST
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.*)$ [NC]
RewriteRule (.*) https://%1%{REQUEST_URI} [L,R=301]
This way it will get the host always without the subdomain.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://domain.com%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTP_HOST} ^www.domain.com [NC]
RewriteRule (.*) https://domain.com%{REQUEST_URI} [L,R=301,NC]
If you are using CloudFlare's free account then that's the problem. CloudFlare's free account does NOT support SSL Certificates. To continue using CloudFlare's free account with an SSL Certificate just go to the DNS settings in CloudFlare and take the orange cloud off of your domain and off of the cname WWW. That will fix your problem and cause both www and non-www to be redirected to https.
Also be sure to add this code to your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Then, everything should work!
This will redirect all of your www websites to non-www and secure them if you have completed the CERTBOT for each domain conf file. Put this in /etc/apache2/apache2.conf inside the Directory /www section:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
There is no need to CERTBOT a www domain after this code is inserted. Just do the domain.com choice. You do not need htaccess files. They can be restricted by the AllowOverride None selection.
Remember to restart apache.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.*)$ [NC]
RewriteRule (.*) https://www.%1%{REQUEST_URI} [L,R=301]
Check out this:
RewriteEngine On
RewriteCond %{HTTP_HOST}#%{HTTPS}s ^www\.([^#]+)#(?:off|on(s)) [NC]
RewriteRule ^ http%2://%1%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]