www to non-www redirect not working using apache config or htaccess - apache

I've placed the following lines in my apache config and in the .htaccess, but neither approach redirects to the non-www url. I need the www url to go to the non-www url based on how the SSL cert is registered.
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.mydomain\.com$ [NC]
RewriteRule ^(.*)$ https://mydomain/$1 [L,R=301]

This is not fixable, other than making sure that all links to your site use mydomain.com instead of the www-variant. With https, during the handshake, the browser will verify the certificate that is being used. When it detects that the certificate is invalid, it won't continue with the request, because from that point on, the certificate can be of anyone, and thus the connection is not secure.
Long story short: Because the browser will not go through with the request, the server will never have the chance to issue a redirect. Only if the user clicks through, the request will be finished and the browser will continue with the redirect.

Related

301 Redirect in .htaccess gives certificate warning on original URL first

My site has a certificate but it's not a wildcard certificate. So it's for example.com, not for *.example.com.
Not a problem I thought, I'll just redirect any visitor to the proper URL through mod_rewrite:
RewriteEngine On
RewriteBase /
# Following two lines to strip machine name
RewriteCond %{HTTP_HOST} !^example.com [NC]
RewriteRule ^(.*)$ https://example.com%{REQUEST_URI} [L,R=301]
# Following two lines make sure the https version is always served
RewriteCond %{HTTPS} off
RewriteRule (.*) https://example.com%{REQUEST_URI} [L,R=301]
Now, the redirect actually works. When someone types in https://www.example.com/page, he will eventually be redirected to https://example.com/page.
But...
The browser first displays a warning that https://www.example.com is insecure. Only when I add an exception, will it be redirected to https://example.com/page which does not give a certificate error...
What am I doing wrong here?
Nothing. SSL negotiation occurs at the transport (TCP) level, not HTTP (even when using SNI) but the point is that the certificate is not valid for the requested domain. When the connection is initiated to www. the browser will request the certificate and compare the url with the CN in the cert and since it isn't there, it'll raise the alert.
To resolve this issue you will need a certificate that includes both ServerName and ServerAlias names. You could maybe try some DNS provider that offers DNS HTTP redirection, but getting a certificate is quite easy this days.

301 redirect from another domain

WE have a whole bunch of subdomains from another domain that are pointing to our server. So I am trying to do a 301 redirect from any subdomain at that domain to point to ours
eg.
sub1.domain.com 301 redirect to ourdomain.com
sub2.domain.com 301 redirect to ourdomain.com
There could be any number of subdomains pointing to it.
What should the 301 redirect look like for this?
I have this:
RewriteCond %{HTTP_HOST} *\.domain\.net\.au$ [NC]
RewriteRule ^ https://ourdomain.com%{REQUEST_URI} [R=301,L,NE]
but this returns a internal error, if I replace the * with an actual domain it sort of works.
PArt two of this question is about https, our site is always https, when you click on a link in google that goes to one of these domains, its tries to take them to https://sub1.domain.com
Even when I put in the redirect , it still tries to go to https://sub1.domain.com, which causes the browser to give a "this is not safe" error, is there any way via the 301, to make it so it goes directly to our domain without it giving the https error on the other domain first?
Here is part one:
RewriteCond %{HTTP_HOST} [^.]+\.domain\.net\.au$
RewriteRule ^ https://ourdomain.com%{REQUEST_URI} [R=301,L]
As for part two, no, that can't be done. HTTPS certificate negotiation has to happen before the connection is established to issue the redirect. All you can do is get a wildcard SSL certificate or provide a valid certificate for the subdomains in some other way. It can't be done without a valid certificate unless you accept the "not safe" errors, which most visitors won't. But once the redirects are in place for a while, the listings will be dropped by Google anyway.

Web server keeps redirecting to HTTP

I'm trying to use CloudFlare page rule to redirect to https but when I set it up it gives me the redirect loop and keeps changing back and fourth between http and https. I deleted my .htaccess file and deleted every redirect I had in the control panel. Still not working. Neither my webhost support or CloudFlare support can help. This is my page rule setup as CloudFlare support told me to set it:
URL pattern: http://.kohlercoding.dk/
setting: always use https
If you can edit the .htaccess file try this:
RewriteCond %{HTTP_HOST} ^website.com [NC]
RewriteRule ^(.*)$ https://www.website.com/$1 [L,R=301]
RewriteCond %{HTTPS} =off
RewriteCond %{HTTP_HOST} ^www.website.com$
RewriteRule ^(.*)$ https://www.website.com/$1 [R=301,L]
I just found out the problem is that I had my SSL setting on "Full" on CloudFlare. That means I have to have a verified certificate on my webhost which I didn't. That's why it didn't work. So changing it to "Flexible" fixed my problem. Or having a self-signed certificate on the webhost if they support it and, unlike UnoEuro, doesn't make you pay for HTTPS Protection.

Redirect subdomain to parameter without wildcard SSL certificate

I'm trying to do which might be not possible at all.
Let's say I own mydomain.com and have standard (no wildcard) RapidSSL certificate which works for www.mydomain.com and mydomain.com.
I'd like to redirect (.htaccess) subdomain.mydomain.com to mydomain.com/?param=subdomain.
I already managed to redirect it to subdomain.mydomain.com/?param=subdomain but the problem is that on every redirection I get browser warning concerning my certificate which doesn't cover any subdomain.
Is it possible to redirect it without the warning? I need subdomain only for pretty passing the parameter and I don't need it after redirection.
I think you want to capture the subdomain in the URL as shown in the 2nd RewriteCond and then use it as the parameter value:
<IfModule mod_rewrite.c>
Options +FollowSymLinks
Options +Indexes
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !www.mydomain.com$ [NC]
RewriteCond %{HTTP_HOST} ^(www.)?([a-z0-9-]+).mydomain.com [NC]
RewriteRule (.*)?param=%2/$1 [L]
</IfModule>
This is a link to the above solution... http://www.mediacollege.com/internet/server/apache/mod-rewrite/subdomains.html
Hope this helps!
... (no wildcard) RapidSSL certificate which works for www.example.com and example.com .... like to redirect (.htaccess) subdomain.example.com to example.com/?param=subdomain
This is not possible, at least not without warnings about invalid certificates.
The redirection is done within HTTP. But with HTTPS the HTTP layer is embedded inside a SSL layer so that you first have to successfully establish the SSL connection before you can redirect. But to successfully establish the SSL connection you have to have a valid certificate for subdomain.example.com, which you don't have.

How to redirect a page both to https and to the 'www' version of the site

I recently installed my SSL certificate, and I'm attempting to enforce a https connection to all my pages. However, previously I also redirected all requests to the www version of the request page. When combining an http redirect to https and concurrently redirecting traffic to www, I get a looping redirect warning on browsers. Hence, how can I make .htcaccess rule (I actually just use the directory config file) that will achieve what i want: always https://'www'
Here's the current combination that I have:
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}$1 [NC,R=301,L]
RewriteCond %{HTTP_HOST} ^mydomain.com
RewriteRule (.*) https://www.mydomain.com$1 [R=301,L]
Your question is a duplicate of htaccess redirect to https://www
Also, you can solve the WWW problem with DNS by simply pointing your naked domain to WWWizer's free naked domain redirect service's IP 174.129.25.170