Could anyone tell me how I can force https on my whole website but not on a single folder or url.
At the moment I have this code:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^thatmysite\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://thatmysite.com/$1 [R,L]
But if I add this second code in the root htaccess to remove https from the /thatsite.com/printing folder, I get a redirect loop because I am forcing on the code http to https and not https to http...
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteCond %{REQUEST_URI} ^\/(printing)
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]
RewriteCond %{HTTP:X-Forwarded-SSL} =on
RewriteCond %{REQUEST_URI} !^\/(printing)
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]
Do you know a way around this please? I have been looking all over the internet and cannot find a single good answer.
Try these 2 rules at top of your .htaccess:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/printing [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} /printing [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I solved this issue by placing this code in an .htaccess file the root folder of the directory that hosts the http site (e.g. public_html)
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/TheFolderYouCanAccessWithoutHttp/
RewriteRule (.*) https://yourdomain.xyz/$1 [R=301,L]
Related
I have a problem that I don't understand with symfony. I would like to force https and www on my .htaccess, but I don't understand anything with symfony.
Here is my .htaccess inside www file
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_URI} !^/public/
RewriteRule ^(.*)$ /public/$1 [L]
And in my public file
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
I don't know what I need to write and where ...
Include in your .htaccess file:
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
The first two lines are for redirecting to https, the second two lines for www.
try this in your .htaccess file :
RewriteCond %{SERVER_PORT} !^443$
RewriteRule .? https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
I was trying to configure my htaccess file which will redirect from http to https with following lines of statement. But it couldn't .
Note: i don't want the www before the site URL as well.
What could be possible error of my code. Anyone please suggest.
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [R=301,L]
Problem appears to be this line:
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
This line makes this rule work for domain with starting www only.
You need to make starting www optional by using:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]
As another solution, if you have only one domain name (www.)example.com, you can use more readable:
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L,NE]
Try the following:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Also, you can also redirect based on port number, for example:
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
This will redirect all requests received on port 80 to HTTPS.
I've played around with this for hours, trying to get it right. It seems to be working the way I want, but I'm getting this Apache error.
I want to set it up so if someone visits my main URL they're directed to https and www, so I have this in the htaccess file in the main public_html directory.
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.domain.com
RewriteRule ^(.*)$ https://www.domain.com/$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Next I want anyone who hits subdomain.domain.com or domain.com/subdomainname to redirect to https://subdomain.domain.com, so I have this in the .htaccess file in the subdomain folder.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} ^subdomain\.domain\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.subdomain\.domain\.com$
RewriteRule ^/?$ "https\:\/\/subdomain\.domain\.com\/" [R=301,L]
Any hints as to what I'm doing wrong?
Replace your subdomain .htaccess by this:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !=subdomain.domain.com
RewriteRule ^(.*)$ https://subdomain.domain.com/$1 [R=302,NE,L]
Per: https://exp-resso.com/blog/post/2011/08/securing-your-expressionengine-website-with-https
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond $1 ^(member|account|checkout|system) [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
This tells your server “If HTTPS is off, and the request starts with
member OR account OR checkout OR system (not case sensitive), redirect
to https://current-domain/current-page”. It’s a nice simple method of
locking down entire subfolders / template groups.
I've added this to my htaccess file like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond $1 ^(sign-in|sign-up) [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
However, when I go to my http://mydomain.com/sign-in, the URL doesn't change to https://mydomain.com/sign-in. Any idea what's wrong?
EDIT 1:
My htaccess also has the following (to remove "www") and I wonder if having both might be causing the problem?
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
EDIT 2:
Process of elimination, it turns out this is causing the problem:
<IfModule mod_rewrite.c>
RewriteEngine On
# Removes index.php from ExpressionEngine URLs
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
</IfModule>
When I comment out the RewriteRule, the https:// is forces. What's causing the conflict?
Try to put (sign-in|sign-up) condition inside RewriteRule:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(sign-in|sign-up)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,NC,R=301]
What about this? (If port == 80 then redirect )
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} member [OR]
RewriteCond %{REQUEST_URI} account [OR]
RewriteCond %{REQUEST_URI} checkout [OR]
RewriteCond %{REQUEST_URI} system
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
First make sure that rewrite works on your server and that the htaccess is read (e.g. by issuing a redirect on every URL).
Then use RewriteCond %{REQUEST_URI} ^/(sign-in|sign-up) instead of RewriteCond $1 ^(sign-in|sign-up) [NC]
It works and is easier to read too
So you htaccess should look like this
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} ^/(sign-in|sign-up) [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I have the following problem. I have a site where some pages must be redirected to the https-secured equivalent of the link.
I tried several things but in the end it seems that the server ends up in a loop redirecting :(
Now I redirect every page to the https page but that is not what I want to.
This is the code I use right now:
RewriteCond %{http_host} ^www.domain.nl
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://www.domain.nl/$1 [L,R=301]
I would like to have al urls starting with bo- have https.
examples:
http://www.domain.nl/bo-users -> redirects to https://www.domain.nl/bo-users
http://www.domain.nl/bo-groups -> redirects to https://www.domain.nl/bo-groups
but
http://www.domain.nl/about-us -> stays at http://www.domain.nl/about-us
It is clear to me I need some wildcards in the rewrite condition for all urls startin with bo-.
We are using apache on the server.
Hope someone can send me in the right direction.
Thanks,
Frank
Update after the tips from Anubhava.
I current;y have this htaccess but I can't get it working (even when clearing the cache in my browser)
Options +FollowSymlinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www.domain\.nl$ [NC]
RewriteCond %{HTTPS} on
RewriteRule !^bo- http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]
RewriteCond %{HTTP_HOST} ^www.domain\.nl$ [NC]
RewriteCond %{HTTPS} off
RewriteRule ^bo- https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]
#rewrites een url to www.
RewriteCond %{HTTP_HOST} ^[a-z0-9-]+\.[a-z]{2,6}$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$0 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
Hope for some extra help!
Thanks,
Frank
I just opened another call. The initial answer worked fine!
Use this rule:
# force HTTPS for bo- URIs
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.nl$ [NC]
RewriteCond %{HTTPS} off
RewriteRule ^bo- https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]
# force HTTP for non bo- URIs
RewriteCond %{HTTP_HOST} ^www.domain\.nl$ [NC]
RewriteCond %{HTTPS} on
RewriteRule !^bo- http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]