htaccess RewriteRule to https doesn't work combined with other rules - apache

I'm trying to set a few rules in my .htaccess to work in a specific way:
Specific page redirections:
RewriteRule "^web/site/mais$" https://www.main.com/front/for-you/insurance/ [R=301,L]
Home redirection
RewriteRule ^$ https://www.forexample.com.br/for-you/ [R=301,L]
RewriteRule ^/$ https://www.forexample.com.br/for-you/ [R=301,L]
HTTP to HTTPS and add www to the rest (this is what doesn't work), i tried many things:
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTPS} !^on$ [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.
RewriteCond %{HTTPS} !^on$ [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Other way I tried forgotting the www rule (but doesn't work too):
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The only way I found to combine is writting the general https and www rule in the httpd.conf and the other rules into the .htaccess, but this way I get two or more 301 redirects, bad business for SEO.

Do you have the same problema with all the directories or only with some?
Because if you have ProxyPass (as you said), maybe it send you the redirections directly to Tomcat, so maybe you need to specify the rules into the ssl.conf to read that rules before leave the ssl.conf. Try to write the last you wrote into the ssl.conf after the ProxyPass

If you want to redirect some spacific pages to https, forexample, To redirect :
http://example.com/page.html
to
https://www.example.com/page.html
And
http://example.com/page2.html
to
- https://www.example.com/page2.html
You may try the following :
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{HTTPS} off
RewriteRule ^(page|page2)\.html$ https://www.example.com/$1.html [L,R]
If you want to redirect the whole site from http to https, you can use the following :
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [NC,L,R]

Related

rewrite/redirect http:// and http://www to https:// using htaccess

I'm new to editing htaccess files. What I want to do is:
rewrite/redirect specific subdomains eg subdomain1, subdomain2, etc from:
https://www.subdomain.example.com
http://www.subdomain.example.com
http://subdomain.example.com
To:
https://subdomain.example.com
I've pieced the below code together from other questions, but it doesn't seem to be working.
Can anyone explain what I'm doing wrong and help me fix the code.
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{HTTP_HOST} ^subdomain\.example\.com$ [NC]
RewriteRule .? https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
To canonicalise ("redirect") only the specific subdomain ...
https://www.subdomain.example.com
http://www.subdomain.example.com
http://subdomain.example.com
To:
https://subdomain.example.com
You would need to do it something like this near the top of your .htaccess file:
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(subdomain\.example\.com) [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
The 3rd condition ensures that it only applies to the specific subdomain.
To make this apply to several subdomains (assuming the no-www is canonical for all subdomains) then you could modify just the 3rd condition to identify the subdomains that it should apply to. For example:
RewriteCond %{HTTP_HOST} ^(?:www\.)?((?:subdomain1|subdomain2|subdomain3)\.example\.com) [NC]
Test with a 302 (temporary) redirect to avoid potential caching issues. You will need to clear your browser cache before testing.
RewriteCond %{HTTPS} !on
RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{HTTP_HOST} ^subdomain\.example\.com$ [NC]
RewriteRule .? https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
This is along the right lines, but it fails to target HTTPS or the www sub-subdomain. Also, checking %{HTTPS} !on and %{SERVER_PORT} ^80$ are really the same thing.
You can use the following :
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+) [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R,L]
This will redirect all subdomains from http://www to https:// .
For the subdomain.example.com you can use the following :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^subdomain\.example\.com [NC]
RewriteRule ^ https://subdomain.example.com%{REQUEST_URI} [R,L]

Https to http redirect using htaccess for a single PHP file

I am trying to redirect https://demo.aurazoscript.com/surf.php?id=15 to http://demo.aurazoscript.com/surf.php?id=15. I tried the following in .htaccess but that doesn't work. It turns off forced HTTPS redirection for the whole website which I don't want. I only want it to be turned off for that single page surf.php.
I tried in .htaccess
# FORCE HTTPS
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} \/(surf.php)
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
# DISABLE HTTPS
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !\/(surf.php) [NC]
RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
I am using Flexible SSL from CloudFlare.
I think you do it opposite way , try this at the beginning of .htaccess file after RewriteEngine On:
RewriteCond %{HTTP:X-Forwarded-Proto} https [OR]
RewriteCond %{HTTPS} on
RewriteRule ^surf\.php http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTPS} off
RewriteRule !^surf\.php https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Note: clear browser cache then test .

.htaccess allow one url to be accessed either via HTTPS or HTTP

I have a rewrite rule in .htaccess that redirects our site to HTTPS
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I need to leave one url open to work both HTTP and HTTPS (http://www.myhost.com/api and https://www.myhost.com/api). How do I need to modify my above code
Try below rule,
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/support/registration_service
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Above rule excluding the uri /api to be forced to https so you can use www.myhost.com/api for both scheme.

Combining Rules in .htaccess file?

I'm wondering how to connect these two rewrite rules in one .htaccess file. Currently, I force https connections to my website with this rule:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{ENV:HTTPS} !=on
RewriteCond %{HTTP_HOST} !=SERVER_NAME
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Now I want to redirect from my www-subdomain to my real domain. There is a high rated answere here:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
But I fail to put these two together.
You can use:
RewriteEngine On
# if with www, redirect to https domain without www
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R=301]
# if http, redirect to https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
If you test first for www and redirect to https, no need to test for http://www.
Or like #PanamaJack said, you just can use:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteRule ^ https://domain.com%{REQUEST_URI} [NE,L,R=301]
But you need to change the domain name.

Mod rewrite, redirect all to https except specific URI and redirect that URI from https to http

So I've been hitting a wall have have tried many different options, and configurations. I'm trying to redirect my site to https with the exception of one specific URI which I want to be redirected from https to http and then remain http. I would greatly appreciate any help. This is being done from the virtualhost configuration. Below are the settings I have tried in pairs with ssl.conf and mysite.conf. However I keep either getting a redirect loop or a page that doesn't load.
mysite.conf
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !/example
RewriteRule ^(.*)$ https://my.site.com$1 [R,L]
or
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} ^(/|page1|page2)
RewriteRule ^(.*)$ https://my.site.com$1 [R,L]
or
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !=/example
RewriteRule ^(.*)$ https://my.site.com$1 [R,L]
or
RewriteCond %{REQUEST_URI} =/example
RewriteRule ^(.*)$ http://my.site.com$1 [R,L]
Plus one of the above.
Then in ssl.conf
RewriteEngine on
RewriteCond %{REQUEST_URI} =/example
RewriteRule ^(.*)$ http://my.site.com$1 [R,L]
This should do it for you. Place the most specific rule (that for /example) first.
RewriteEngine on
RewriteCond %{HTTPS} =on
RewriteRule ^/?example$ http://my.site.com/example [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !^/?example$
RewriteRule ^/?(.*)$ https://my.site.com/$1 [R=301,L]
This should work in either server (.conf) or directory (.htaccess) context.