http to https infinite redirect - apache

I am using ZenCart and trying to ensure HTTPS onto my website. I have used the following in my .htaccess
RewriteCond %{HTTPS} off
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
But I still get an infinite redirect error
In ZenCart and the configure files I have tried making both
HTTP_SERVER
HTTPS_SERVER
The HTTPS but it has no affect
I'm unsure how to force people when they enter my website at http://example.com to go to https://example.com as any .htaccess code I use causes an infinite redirect
There are no other redirects set-up and this is the only piece of code in my .htaccess file

you can avoid using .htaccess redirects.
in your zen-cart configure.php files, ensure that the HTTP_SERVER and HTTPS_SERVER are both set to: https://yoursite.com. you can then add the 3 files contained in this PR and it should work fine:
https://github.com/zencart/zencart/pull/1525/files

Related

When Pointing From http//www To https//www Appear Redirect Loop

I have some strange issue related to the redirect loop appearing.
For example, my website begin with https://www in the WordPress website general setting I have the same address that is begin with: https://www
also in this file 000-default.conf (folder site enabled) I have those lines:
RewriteEngine on
RewriteCond %{SERVERNAME} =www.test.org [OR]
RewriteCond %{SERVERNAME} =test.org
RewriteRule ^ https://%{SERVERNAME}%{REQUESTURI} [END,NE,R=permanent]
and in the .httaces file, I have nothing.
But when I enter to the browser website that begins with this one http://www I have those redirect chains:
http://www 301 redirect to https:// 301 redirect to https://www
Somebody could help how to avoid the second unnecessary chain element in order to get the redirect from http://www directly here: https://www
The best option is to set-up redirect from all those options:
http://www.
http://
https://
to https://www.
I find a solution - to use this code:
RewriteEngine on
RewriteCond %{SERVERNAME} =www.test.org [OR]
RewriteCond %{SERVERNAME} =test.org
RewriteRule ^ https://www.%1%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
So i checked all redirect scenario:
http://www.test.org/ - redirect here https://www.test.org/
http://test.org/ - redirect here https://www.test.org/
https://test.org/ - don`t redirect here https://www.test.org/
https://www.test.org/ - is ok
So as you see this url: https://test.org/ don`t redirect here: https://www.test.org/
Also actually I don`t know related it to this code or not, but also I use the special redirection plugin called "Redirection" for WordPress - I set-upped 301 redirect from the / - main page to another website.
And interesting thing - when I delete this redirect via redirection plugin all seems that works well and all redirection scenaria works well, but when I use the redirection plugin only this one scenario:
https://test.org/ - don`t redirect here https://www.test.org/
don`t work.
Tell, please should we customize the code that I provided or the problem in this "Redirection" plugin and could you help with this issue?
Many thanks

How do I redirect an entire site to a new domain using .htaccess?

I have a site that is moving to a new URL, an exact copy of the original with the same pages and URL structure. I'm working with the old domain's .htaccess file to redirect to the new one, and have this:
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTP_HOST} ^oldsite.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.oldsite.com$
RewriteRule (.*)$ http://newsite.ca/$1 [R=301,L]
The redirect works when I go to oldsite.com or www.oldsite.com works as expected, and redirects to newsite.ca
However, when I go to something like oldsite.com/blog/, no redirect happens. It just stays at the same URL.
I want to be able to redirect every page to the new site, not just the root.
oldsite.com/blog/ should redirect to newsite.ca/blog/
I need this for the whole site without having to go through and redirect every single page individually. Is this possible?
Figured it out-
I moved my code to the top of the .htaccess file.
The code wasn't being executed because there was a www to non-www before it. Apparently the code is run in order, and if a redirect is found, it will not run another kind of redirect following it.

Forcing https using modrewrite in apache conf losing basic authentication credentials

I'm trying to force https with a system that uses basic authentication in the URL but when I add the following lines to the apache configuration files:
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R]
the results are 302 errors.
If someone types as the URL:
http://username:password#example.com/api_name.php
Based on the access log, I think the redirect is going to:
https:example.com/api_name.php
What I want is it to redirect to:
https://username:password#example.com/api_name.php
But I also want:
http://example.com/api_name.php
to correctly redirect to:
https://example.com/api_name.php
and not:
http://:#example.com/api_name.php
URL's without credentials contained within the string are working fine and redirect correctly.
How would I make this work?

301 Redirect from http to https same page name

checked the Forum but could not find an ideal answer. I have recently installed a SSL Certificate on my site and in the process of creating 301 redirects via the .htaccess file for nearly 400 page urls (to keep Google happy). I thought of using;
redirect 301 /contact.php https://www.mydomainname.co.uk/contact.php
but it breaks the site. The only solution I have seen is;
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^contact\.php$ https://www.mydomainname.co.uk/contact.php [L,R=301]
The above seems a lot of code to use for each of the 400 pages! is there a quicker way with less code I can use in the .htaccess file?
Many thanks. Hope someone can advise.
There are two basic ways of redirecting pages with Apache: Redirect (of mod_alias) and RewriteRule etc. (of mod_rewrite).
Redirect is very simple: it will just redirect a single URL to another. It can be useful sometimes, but it's usefulness is limited to its simplicity: in the case of HTTP-to-HTTPS redirection, it can't differentiate between HTTP and HTTPS connections, so it will just try to redirect to HTTPS even if you're already on HTTPS (and thus you end up in an infinite redirect loop).
RewriteRule, on the other hand, is more advanced and flexible. You can use RewriteCond to conditionally redirect requests; in your case, you'd want to redirect requests only if they're on a HTTP connection.
As you mentioned, you want to redirect to HTTPS for many (I presume all) requests; you can easily do this with only a single rule:
# Enable rewrites
RewriteEngine on
# Only run next RewriteRule on HTTP connections (not HTTPS)
RewriteCond ${HTTPS} off
# Redirect any page to the same URL with https:// schema
RewriteRule (.*) https://${SERVER_NAME}/$1 [L,R=301]
(The ${SERVER_NAME} variable will automatically be equal to your domain name, so you can even use this on web servers with multiple domain names.)

how to get ride of faulty 301/2 redirects?

In my .htaccess I set a (couple) of 301 redirects. They are picked up only to create a infinite loop.
For example I set the following code:
Redirect 301 / http://example.com/nl
Which keeps the browser redirecting to example.com/nl -> example.com/nl/nl -> example.com/nl/nl/nl -> example.com/nl/nl/nl/nl -> etc.
Another one which keeps prepending www. to the domain name (www.www.www.www.www.example.com).
And a few other I set up trying to fix the mess. Of course the first thing I did was to revert .htaccess to the original format. However all redirects are still in effect! (on multiple browser/machines/"privacy browser"/IPS).
For testing tried adding this:
Redirect 301 /test http://www.google.com
This sends the browser to google if you go to example.com/test.
But if I change it to
Redirect 301 /test http://www.drupal.org
or
Redirect 302 /test http://www.drupal.org
or
RewriteCond %{REQUEST_URI} !^/$ [NC]
RewriteRule ^ http://www.example.com [L,R=301]
or
remove the code completely.
It still keeps going to google instead of drupal.org.
How do I get rid of these faulty redirects? :(
Since 301 is the code for Permanent Redirection, it would make sense that it is somehow cached. Try clearing your cache and see if the problem persists.