I've created a wordpress blog with Amazon Lightsail and bought several domain names on route 53. My main domain is example.com, I've also bought:
example.eu
example.be
etc.
I'm using s3 buckets to redirect every possible combination (with non www and with www) to www.example.com (in my hosted zone in route 53 it is www.example.com that is redirected to my lightsail static IP).
I've installed a Lets Encrypt SSL certificate for www.example.com
Now I would like to force HTTPS so that all requests redirect to https://www.example.com (usin 301 redirect) which I'm able to do using my s3 buckets but I'm not able to redirect www.example.com to https://www.example.com as it's associated to my static IP address.
What should I do to allow access to my blog only through HTTPS? I've searched for quite some time on the net and found some tutorials saying that I should use cloudfront to handle redirection to HTTPS but they never really apply to my situation.
So I've finally figured it out thanks to this post. I've modified the httpd-app.conf file to add an SSL redirection rule:
RewriteEngine On
RewriteBase /
#SSL redirection
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Rewrite index.php
RewriteRule ^index\.php$ - [S=1]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
This rule allows to redirect all HTTP calls to HTTPS using the SSL certificate I installed on my server (for the domain www.example.com).
Related
few days ago I have asked my host to install an SSL certificate, to be able to load my website through https protocol. The website is now running via https properly, but I noticed that Google started indexing my website by using the IP Address instead of the domain name and this is caused some pages not being indexed properly.
After the certificate was installed, I created an .htaccess with the following code:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^11\.11\.11\.111$ [NC,OR]
RewriteCond %{HTTP_HOST} ^([a-z.]+)?example\.com$ [NC]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]
</IfModule>
(IP and DOMAIN are masked, if you need actual IP and domain, I can provide them)
I was expecting all requests via IP address and via "www.example.com" to be redirected properly to "https://example.com" with https protocol and without www.
Unfortunately, if I try to type "http://11.11.11.111/" I'm being redirected properly to "https://example.com/" but if I try "https://11.11.11.111/" I am not and I get a warning (of course the certificate is not for IP address, but for domain name).
How can I force redirecting also for https + IP Address by using an htaccess declaration?
Can you please tell me what I'm doing wrong?
Thank you very much in advance for any help.
I am facing an issue with the domain redirection.
I am trying to redirect my old domain to another new one, so the current domain is for example https://example.com and the new one is https://exampleapple.com the old is using SSL and I implement SSL on the new too, the old domain redirects fine without SSL (http) but is not redirecting on (https).
Can anyone please guide me as how this works?
You can easily do that with .htaccess file. There is no need to use GoDaddy's functionality. Just add these lines to the .htaccess file in the directory of your example.com domain on your server :
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^/?$ "https\:\/\/exampleapple\.com\/" [R=301,L]
I want to be able to redirect all visitors to a website & its subdomains to HTTPS like the following:
http://example.com -> https://www.example.com
http://www.example.com -> https://www.example.com
http://sub.example.com -> https://sub.example.com
http://www.sub.example.com -> https://sub.example.com
https://www.sub.example.com -> https://sub.example.com
Other redirects:
w (or ww, wwww, etc).example.com -> https://www.example.com
w (or ww, wwww, etc).sub.example.com -> https://sub.example.com
The redirects should be a cacheable HTTP 301 redirect. The configuration used is Apache 2.4.10 + mod-spdy, with Strict-Transport-Security (Plus a wildcard SSL cert).
Currently use the following in .htaccess:
RewriteCond %{SERVER_PORT} !^443
RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^ "https://www.example.com%{REQUEST_URI}" [R=301,L]
RewriteCond %{SERVER_PORT} !^443
RewriteCond %{HTTP_HOST} ^sub\.example\.com$
RewriteRule ^ "https://sub.example.com%{REQUEST_URI}" [R=301,L]
I've been using spdycheck.org to test this, it works fine for the main domain, with the subdomains I get the following message:
HTTP Traffic Allowed
This website can still be access via HTTP. HTTP
does not provide any widely implemented mechanism for using other
protocols like SPDY. Only traffic over SSL/TLS using the NPN Extension
can be optimized with SPDY. By allowing HTTP traffic, this website is
not even offering SPDY capable browsers the choice of using SPDY. If
possible, this website should redirect all http:// to https://,
ideally with a cachable HTTP 301 redirect.
What's a good way to accomplish this? I could modify httpd.conf if required also.
If you're doing it in your httpd.conf, put in something like:
<VirtualHost _default_:80>
RewriteEngine On
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NE,L,R=301]
</VirtualHost>
After all of your virtual hosts, and ensure that your other virtual hosts are port 443 only. This will make this redirect the global http vhost that will redirect each page individually to HTTPS and give a 301 redirect.
I recently installed my SSL certificate, and I'm attempting to enforce a https connection to all my pages. However, previously I also redirected all requests to the www version of the request page. When combining an http redirect to https and concurrently redirecting traffic to www, I get a looping redirect warning on browsers. Hence, how can I make .htcaccess rule (I actually just use the directory config file) that will achieve what i want: always https://'www'
Here's the current combination that I have:
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}$1 [NC,R=301,L]
RewriteCond %{HTTP_HOST} ^mydomain.com
RewriteRule (.*) https://www.mydomain.com$1 [R=301,L]
Your question is a duplicate of htaccess redirect to https://www
Also, you can solve the WWW problem with DNS by simply pointing your naked domain to WWWizer's free naked domain redirect service's IP 174.129.25.170
Client site uses several domains leading to the same content, which is bad for SEO ("duplicated content").
example.com, www.example.com, foo.com, foo.example.com, www.foo.com and www.foo.example.com
Also, the site must now use https on all requests.
So the task now is to enforce the sole use of https://foo.example.com as the SSL certificate is for *.example.com. All other domains should be redirected to https://foo.example.com
I'm trying to implement these requirements via url rewriting in the website's root folder .htaccess file.
Rewritecond %{HTTP_HOST} !^example\.com
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
It works, except for one use case: http://example.com
Requests pointing to http://example.com/hello do not get rewritten to the https://example.com.
So I tried
RewriteCond %{HTTPS} !^on [OR]
Rewritecond %{HTTP_HOST} !^example\.com
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
But i get a "redirection loop" error. It means the conditions are always true, but why?
server details
Server: LAMP (Apache 2) on Red Hat Enterprise Linux Server release 6.5
UPDATE
I think my rewriting rules are correct, the issue occurs upstream. System administrator informed me that their network redirects 443 requests to the local machine's :80 port. Also, phpinfo() on a https url shows no presence of SSL flags ( HTTPS= on does not appear in phpinfo()).