I'm trying to redirect http to https on all pages via an htaccess in the main root of the website (shared hosting). I can't understand why this isn't working? This is the entire content of the htaccess file. Whilst there seem to be similar questions already asked on Stackoverflow, I can't find any solutions that would seem to be of help.
There is one folder/directory on the website that requires SSL so I can't disable SSL on the whole website. That folder has its own htaccess file.
The second chunk of code is very standard as it's a Joomla website. I can't imagine the issue would be in there?
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
##### Joomla! core SEF Section -- BEGIN
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_URI} !^/index\.php
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|raw|ini|zip|json|file|vcf))$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L]
##### Joomla! core SEF Section -- END
If you use joomla first disable ssl, than use above code because I have use this code also and its working.
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Related
I have made a .htaccess file to redirect all website traffic to https://www..
This is my complete .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
The below redirects work exactly as expected:
http://example.com -> https://www.example.com
https://example.com -> https://www.example.com
https://www.example.com -> https://www.example.com
Except:
http://www.example.com -> http://www.example.com
As shown above, if you go to http://www. it doesn't redirect to the HTTPS version.
Can anyone help me understand why the other redirects are working fine, but that one is not?
Additional Notes: I have looked at a number of posts on StackOverflow, but most of their solutions end in redirect loop errors.
After contacting 123-Reg (my hosting provider), they submitted this solution, which works perfectly:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301,NC]
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Basically they have set the script to do two tasks: Change domain to WWW, if it isn't already, THEN change to HTTPS. Also, they used ENV:HTTPS, which is different to what was found in their documentation (ENV:SSL).
Glad to have to this sorted, and maybe this will help out others using 123-Reg Hosting.
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
As you have found, this won't redirect when requesting the canonical hostname (ie. www.example.com) regardless of whether it is HTTP or HTTPS.
You need to change this to something like:
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteRule (.*) https://www.example.com/$1 [R=301,L]
This will trigger a redirect to the canonical URL if HTTPS is "off" or it's not the canonical hostname.
...but most of their solutions end in redirect loop errors.
If you are behind a proxy (eg. CloudFlare) that is managing your SSL cert then this could still result in a redirect loop because the connection between you and the proxy might be HTTP, not HTTPS. This would mean that your server only serves content over HTTP, not HTTPS. If this is the case then there are additional headers that can be checked on the request (eg. X-Forwarded-Proto) or set a "page rule" in the case of CloudFlare (Flexible SSL - free service).
UPDATE#1: 123-Reg provide a help document regarding SSL. It seems they set an SSL environment variable when "the connection is SSL-secured". This would mean that you could potentially do something like the following instead:
RewriteCond %{ENV:SSL} ^$ [OR]
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteRule (.*) https://www.example.com/$1 [R=301,L]
This is, however, non-standard and "unique" to 123-Reg. (Aside: The PHP code suggestion in the 123-Reg linked document is not the recommended way to check the environment variable, as this would result in an E_NOTICE if the variable is not set!?)
You should also ensure your browser cache is cleared before testing.
UPDATE#2: To help with debugging... to find out what values are being returned, you could assign some Apache values to environment variables and check the values of these in your server-side script (eg. PHP?). For example:
RewriteCond %{HTTPS} (.*)
RewriteRule ^ - [E=APACHE_HTTPS:%1]
# You don't really need this, but for completeness...
RewriteCond %{ENV:SSL} (.*)
RewriteRule ^ - [E=APACHE_SSL:%1]
RewriteCond %{HTTP:X-Forwarded-Proto} (.*)
RewriteRule ^ - [E=APACHE_PROTO:%1]
Then check the environment variables APACHE_HTTPS, APACHE_SSL and APACHE_PROTO in your server-side script. (eg. in PHP, use the getenv() function.)
After lots of issues with 123 Reg and redirecting all versions of pages to single relevant https page with Wordpress, this is what has worked for me across multiple sites now and has proven effective in terms of SEO. Hope it helps!
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I have 3 domains and one hosting. I am trying to use the same hosting for all of my three domains through htaccess. So, I created a subdomains with that name on my domain linked with hosting, which looks something like below.
www.site1.com [Main domain linked with hosting]
site2.site1.com [subdomain for www.site2.com]
site3.site1.com [subdomain for www.site3.com]
What I want to achieve is, user shouldn't go to subdomain site2.site1.com, instead they would be able to go to www.site2.com only and request will be sent to site2.site1.com at backend.
Up to here, all is done and worked well. The only problem comes afterwards, when I adds SSL on site. I have SSL for all of these domain and subdomain. If a user visit non-ssl, then he should be redirected to SSL one. Some of SSL works well but when I add SSL for all of them, then I start getting 500 error.
Here is my .htaccess file
RewriteEngine On
DirectoryIndex index.php
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^site2.com
RewriteRule ^(.*) https://site2.site1.com/$1 [P]
RewriteCond %{HTTP_HOST} ^www.site2.com
RewriteRule ^(.*) https://site2.site1.com/$1 [P]
RewriteCond %{HTTP_HOST} ^site3.com
RewriteRule ^(.*) https://site3.site1.com/$1 [P]
RewriteCond %{HTTP_HOST} ^www.site3.com
RewriteRule ^(.*) https://site3.site1.com/$1 [P]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
As I add https on redirection link, so it start giving me 500 error whereas when I make redirection to http then it will not load my page because non-secured site http://site2.site1.com will be loaded over secured https://www.site2.com and in a result, nothing will be shown.
Here I need help to resolve this problem. I have looked over different questions but haven't found any question relevant to me because I need to keep my .htaccess working with redirection and SSL. Moreover, I also need to redirect to www one, if not added in URL.
Any help will be appreciated.
Like, all the times I experienced here I have resolved my problem myself. The resolution to my problem was the following htaccess
RewriteEngine On
DirectoryIndex index.php
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^site2.com
RewriteRule ^(.*) site2/$1
RewriteCond %{HTTP_HOST} ^www.site2.com
RewriteRule ^(.*) site2/$1
RewriteCond %{HTTP_HOST} ^site3.com
RewriteRule ^(.*) site3/$1
RewriteCond %{HTTP_HOST} ^www.site3.com
RewriteRule ^(.*) site3/$1
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
In this way instead of pointing the URL to subdomain having https I have reference that to the directory instead because path will be same for that, and now when I enter the URL with https page opens and don't give any error.
I have a forum and a website which were located in / (root) and /website/. Now, I moved my forum to /forum/ in order to organize the web server better and to be actually able to find something when needed.
What I want to do is somehow redirect requests like
www.mywebsite.com
http://mywebsite.com/
http://www.mywebsite.com/
to /website/ and any request made to my base url but followed by a page (www.mywebsite.com/index.php as an example) to my /forum subfolder.
Is that even possible to do en-mase ? Or can I least redirect if I match a specific file ?
Rule that redirects requests to base url over to my website folder that I have in my .htacces already.
RewriteCond %{HTTP_HOST} ^domain.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com$
RewriteRule ^/?$ "http\:\/\/www.domain\.com\/website_folder\/" [R=301,L]
Thank you for your help.
You can use this code in your DOCUMENT_ROOT/.htaccess file:
RewriteEngine On
RewriteRule ^/?$ /website_root/ [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^((?!(?:website_root|forum)/).+)$ /forum/$1 [L,NC]
I have a small blog in generated with Jekyll up on a shared Apache server. I have been following this guide to set up the server so that I can update the site by pushing changes via GitHub, but I haven't even gotten that far yet. The .htaccess rewrite rule to point the domain to the generated /_site subdirectory has me stumped. The code I'm using (below) is redirecting the site correctly, but the guides I've read say that this code should hide the subdirectory from the URL, and this is not happening. It works correctly on the homepage, but subpages still have /_site/ in their URL. Any ideas?
My website
.htaccess file
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?joejoiner.tk$ [NC]
RewriteCond %{REQUEST_URI} !^/_site/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /_site/$1
RewriteCond %{HTTP_HOST} ^(www.)?joejoiner.tk$ [NC]
RewriteRule ^(/)?$ _site/index.html [L]
Add a trailing / to the end of line 6 in the above code block, like so:
RewriteRule ^(.*)$ /_site/$1/
I am trying to get SSL working for my site on a LAMP server. When I type any page address on the site as https://www.example.com it gets redirected to http://www.example.com.
I think the SSL would work (or at least I could get it to) if I could get the server to go through HTTPS but it just refuses, and always changes to HTTP. The site utilises Joomla! but I am pretty sure it's not relevant, as:
I have another almost identical Joomla! site on the same server, and SSL works successfully.
SSL certificate has been checked and is valid and installed correctly.
There are no PHP redirects.
There are no .htaccess redirects directly pertaining to HTTP/S, etc.
.htaccess
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule .* index.php [F]
RewriteRule ^order/payment(/?.*)$ /payment [R=301,L]
RewriteRule ^order/complete$ /index.php?option=com_cake&task=orders&id=complete [L]
RewriteRule ^order2$ /index.php?option=com_cake&task=orders&id=index [L]
RewriteRule ^order/2$ /index.php?option=com_cake&task=orders&id=index [L]
RewriteRule ^payment/(.+)$ /index.php?option=com_cake&task=payments&id=$1 [L]
RewriteRule ^admin/(.+)$ /index.php?option=com_cake&task=admin&id=$1 [L]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_URI} !^/index\.php
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L]
So why is the site redirecting? Any ideas?
For anyone who knows Joomla! I tried installing this plugin http://www.yireo.com/software/joomla-extensions/ssl-redirect and tried enabling the 'Secure' option on my home page and it doesn't work. I assume this is because it probably is working but the server is redirecting to HTTP again, for some unknown reason.
The easy way to rule out any Joomla configuration issues is to upload an empty file in to the root directory. Call it ssltest.html, then access that file using https. If it still redirects then you have a server/certificate installation issue and your host needs to check it out.
TRY
RewriteEngine on
Options +FollowSymLinks
# Rewrite to https
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
If you have the Joomla Force SSL option in global configuration set and it's not working would you please report it as a bug?