HTACCESS Redirection Clarification - apache

I am trying to redirect my web page using .htaccess. For all the requests, I want to redirect to http to https. But if the URL contains substring api, I don't want this redirection. I have tried following but it always redirecting to https.
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{REQUEST_URI} api
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

Use this instead for substring 'api' anywhere in the URI:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !api
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
And change it like this if you only want to exclude calls like '.../api/...'
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !\/api\/
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Related

http url added to the https url when viewed

I have a strange problem. When I open my domain in SSL mode , the http url get appended to it.
This is my http url
This is my SSL url
** other url for https are opening normally , although CSS and images are not loaded. eg Login page
I am clueless whats going on. Please help
Edit : This is my .htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
Try this
# Force https
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Edit:
Below is my live server setting working with laravel 5.2.
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Force https
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Force Non-www
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

apache mod rewrite (all HTTP requests to HTTPs)

After setting up letsencrypt on a vps my these are the rewrite conditions set by letsencrypt:
RewriteEngine on
RewriteCond %{SERVER_NAME} =xy.com [OR]
RewriteCond %{SERVER_NAME} =www.xy.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
It works fine, but I would like to redirect requests to 'https://www.xy.com to https too. I tried using this code:
RewriteEngine on
RewriteCond %{SERVER_NAME} =xy.com [OR]
RewriteCond %{SERVER_NAME} =www.xy.com [OR]
RewriteCond %{SERVER_NAME} =https://www.xy.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
It doesn't work. Any idea what to do?
None of the answers worked. Here's the file which is placed in my www/html/xy/public folder. All requests will point to this, I don't know if this maybe causes the problem?
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
To make all HTTP requests go to HTTPS all you will need to use is:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
It basically says, if HTTPS is not ON, then it will change it to https://
Try :
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.(.+)
RewriteRule ^ https://%1%{REQUEST_URI} [NC,L]
This will redirect both http or www to https://
Or you can use this :
RewriteEngine on
RewriteCond %{SERVER_NAME} ^(?:www\.)?(xy)\.com$
RewriteRule ^ https://%1%{REQUEST_URI} [END,QSA,R=permanent]

Redirect all traffic to bare domain SSL using htaccess

I'm trying to redirect all traffic through HTTPS and here's my htaccess file:
<IfModule mod_rewrite.c>
Options +FollowSymLinks -Indexes
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
RewriteBase /
RedirectMatch 301 /index.php/(.*)$ /$1
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
<IfModule !mod_rewrite.c>
ErrorDocument 404 index.php
</IfModule>
Currently here's what's going on,
If the user types in www.domain.com it redirects to: https://domain.com which is good. I would like help in configuring the file so that if the user also types in domain.com they get redirected to https://domain.com
It would be as simple as updating your pattern:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]

Apache Redirect certain HTTPS requests to HTTP not working

Hi I have been working on this for a while and just know I am doing something stupid but just can not see it. What I want to do is to redirect certain pages so they are always shown using HTTPS and all other pages if they are requested through HTTPS they are redirected as HTTP.
I have done lots of searching around the issue and found accepted answers on Stackoverflow that just did not work for me. So here Is my .htaccess file.
RewriteCond %{HTTPS} on
RewriteCond ${REQUEST_URI} !(finance/enquiryForm)(.*)
RewriteCond ${REQUEST_URI} !(offerentry)(.*)
RewriteRule (.*) http://dev.staging.co.uk/$1 [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^(finance/enquiryForm|offerentry)(.*) https://dev.staging.co.uk/$1 [L,R=301]
What is currently happening is that the pages that I want to redirect from https to http work fine but the pages I want to show as HTTPS get a redirect loop and fail. If I comment out the top section the HTTPS pages I do want redirect fine. So how do I get the redirect loop to stop?
EDIT
The full .htaccess file with the codeigniter etc stuff.
Options +FollowSymLinks
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
<Files .*>
Order Deny,Allow
Deny From All
</Files>
#RewriteCond %{HTTPS} on
#RewriteCond ${REQUEST_URI} !/(finance/enquiryForm|offerentry) [NC]
#RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=302,NE]
#RewriteCond %{HTTPS} off
#RewriteCond ${REQUEST_URI} /(finance/enquiryForm|offerentry) [NC]
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302,NE]
# Protect application and system files from being viewed
RewriteRule ^(fuel/install/.+|fuel/crons/.+|fuel/data_backup/.+|fuel/codeigniter/.+|fuel/modules/.+|fuel/application/.+|\.$
# Remove trailing slashes
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} (.*)/$
RewriteCond %{REQUEST_URI} !fuel/.*$
RewriteRule ^(.*)/$ $1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [L]
</IfModule>
Options -Indexes
Try these rules based on THE_REQUEST variable:
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} !/(finance/enquiryForm|offerentry) [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=302,NE]
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} /(finance/enquiryForm|offerentry) [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302,NE]
Test them in Chrome dev tool and see what redirects are you getting.
Try with:
RewriteCond %{HTTPS} on
RewriteCond ${REQUEST_URI} !(finance/enquiryForm|offerentry)
RewriteRule (.*) http://dev.staging.co.uk/$1 [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule (finance/enquiryForm|offerentry) https://dev.staging.co.uk%{REQUEST_URI} [NE,L,R=301]

How to redirect specific links to https:// everything else to http:// using .htaccess?

I am trying to use htaccess to automatically direct all requests to certain pages to https and everything else to http://
Here is the code I've got the code to force ssl working below
RewriteEngine on
RewriteBase /
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^va-homebuyers-guide https://domain.com/va-homebuyers-guide/ [R=301,L]
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^va-purchase-request https://domain.com/va-purchase-request/ [R=301,L]
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^va-streamline-refinance https://domain.com/va-streamline-refinance/ [R=301,L]
This is working as expected and redirects to the ssl versions of those pages. I then tried adding the following to redirect everything else to http:
RewriteCond %{SERVER_PORT} !^80
RewriteCond %{REQUEST_URI} !^va-homebuyers-guide$
RewriteCond %{REQUEST_URI} !^va-purchase-request$
RewriteCond %{REQUEST_URI} !^va-streamline-refinance$
RewriteRule ^(.*)$ http://domain.com/$1 [R,L]
This code results in a redirect loop when going to /va-purchase-request /va-homebuyers-guide and /va-streamline-refinance and does not redirect the other pages at all.
I'm totally stuck with this and any help would be massively appreciated!
Edit:
I also have this code in the .htaccess file added by wordpress... Could it be interfering with the other redirects?
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Replace your .htaccess code with this:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} off
RewriteRule ^va-(homebuyers-guide|purchase-request|streamline-refinance)(/.*|)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NC]
RewriteCond %{HTTPS} on
RewriteRule (?!^va-(homebuyers-guide|purchase-request|streamline-refinance)(/.*|)$)^.*$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NC]