I'm fixing my Apache (2.4.12) config files on a server that serves three different domain names. I have a different config file for each site. I cannot for the life of me figure out how to accomplish both of the following:
Redirect all http requests to https, keeping the entire rest of the request (subdomain/host AND document path) exactly the same
Redirect all www requests to non-www
I've read that this can be done in one step if I have only one *:80 VirtualHost and put the rewrite rules there (the remainder of my subdomains are all *:443 VirtualHosts with the exception of www), but I can't figure out how to do it. These answers on SO did not work:
The accepted answer in this question is not correct (only does the https redirect)
This answer does not work for me--only the https redirect works.
This question doesn't deal with a wildcard subdomain and is thus inapplicable.
This question is also inapplicable because it doesn't deal with subdomains.
EDIT: This is the code I reference in the comments for mike.k's answer below.
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP_HOST} www.example.com
RewriteRule ^(.*)$ https://example.com/$1 [R=permanent,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://example.com%{REQUEST_URI}
</VirtualHost>
This is from my production system and works.
THE_HOSTNAME is for instance server, and then THE_FQHN is server.domain.edu, which helps for SSL certificates if you don't want to support wildcards and multiple domain names.
# redirect to FQHN
RewriteEngine on
RewriteCond %{HTTP_HOST} THE_HOSTNAME$
RewriteRule ^(.*)$ https://THE_FQHN/ $1 [R=permanent,L]
# redirect to HTTPS
RewriteCond %{HTTPS} off
RewriteRule (.*) https://THE_FQHN%{REQUEST_URI}
In your case www.domain.com would be where THE_HOSTNAME is, and THE_FQHN would be domain.com, just flipped around
Related
I have already tried different solutions from other threads but somehow none is working. So I have a domain called my-domain.com and I want that all http requests to http://my-domain.com or http:///*.my-domain.com are redirected to the corresponding https page. In the folder /etc/apache2/sites-enabled/ I have a configuration file which looks like this:
<VirtualHost *:80>
ServerName my-domain.com
ServerAlias *.my-domain.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(.+)\.my-domain\.com$
RewriteRule ^(.*)$ https://%1.my-domain.com/$1 [R=302,L]
</VirtualHost>
But still there are no redirects. All requests are failing because of a timeout. Is there something I am missing?
In your RewriteRule, the %1 is not doing what you think it will be doing.
# bad
RewriteRule ^(.*)$ https://%1.my-domain.com/$1 [R=302,L]
Try this:
# good
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
What we are doing here is taking ANY request that is NOT HTTPS, and rewriting it. We don't care about looking at the %{HTTP_HOST}, nor the %{REQUEST_URI}, because we will just use them blindly.
This is a "blind forward" to HTTPS. I don't care what you asked for, but since you did it over HTTP, you will have to do it over HTTPS.
At that point, it becomes a different rule to redirect further.
Additionally, 302 is a temporary redirect. You may wish to consider a 301, for a permanent redirect across ports.
Let me explain my setup here, I have two domains, for the sake of naming them lets call them domain1.com and domain2.com. I have shared hosting that runs cPanel.
Domain1.com is my main domain, and is what I have my hosting account setup using. I have a website hosted at that domain. Domain2.com is set as an add-on domain, and directs to a folder inside of the main domains root. That has it's own website (a Ghost blog).
That all works fine. However the websites hosted at the two domains are quite different and I did not want the subdomain to work, but as far as I can tell add-on domains in cPanel have to have a subdomain in order to be added to the account. The redirect options for the subdomains in cPanel aren't good enough for me, as I wanted anyone accessing say domain1.com/domain2 to get a 404 error as if it didn't exist. So I set up the .htaccess file for domain1.com to look like this:
RewriteEngine On
#301 (permenant) redirects all HTTP requests to HTTPS (SSL)
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#404 redirects all domain.com/subdomain requests
RewriteCond %{HTTP_HOST} ^(www.)?domain1.com$ [NC]
RewriteCond %{REQUEST_URI} ^/domain2/(.*)$
RewriteRule ^(.*)$ - [L,R=404]
#404 redirects all subdomain.domain.com & www.subdomain.domain.com requests
RewriteCond %{HTTP_HOST} ^domain2.domain1.co.uk$ [OR]
RewriteCond %{HTTP_HOST} ^www.domain2.domain1.co.uk$ [OR]
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^(.*)$ - [L,R=404]
This worked perfectly, anyone tryting to access domain2 via domain1 would get a 404 error. But that was before I installed Ghost on domain2 After getting Ghost installed I created an .htaccess file in the domain2 folder inside of domain1's root.I had to put this in it in order for Ghost for to run, as it uses NodeJS:
RewriteEngine on
RewriteRule ^(.*)$ http://127.0.0.1:55555555/$1 [P,L]
This also works perfectly except for one aspect. Now all requests to the domain using domain1.com have started working again. For example if I type domain2.domain1.com it will now show me the Ghost blog where as before it was correctly displaying a 404 Not Found error. Why is this and how do I go about rectifying this issue?
As a side note, I also started trying to have all http requests redirect to https. I added the following to the domain1.com htaccess file as I wanted all requests on both domains to redirect to https and I assumed this was necessary:
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Now this kind of works. All requests, whatever they are (with or without www for instance), redirect to https, and when I visit it in my browser I get a green the icon indicating it's secured with SSL. Again even with this the previous issue of the domain redirect still doesn't work. But I have another odd issue here.
If I type in my browser simply "domain1.com" (ie without https:// or www. or a combination of the two), it will show just "domain1.com" in the address bar but with the green icon and say it is secured. If however I type in "domain2.com" (again with no https:// or www etc.) it does the same thing except it states it is not secure, suggesting it requested http.
And yet if I type in www.domain2.com or http://domain2.com, that works and I get the secured icon. It is highly puzzling. It seems that the https redirect works on every request except for just "domain2.com" while any other variation (www.domain2.com, http://domain2.com etc) works fine. Any clues? I mean clearly I've done something wrong with the htaccess files but I don't know what, I got most of what I'd put in them from searching sites like Stackexchange, but personally I don't really know anything about them or how they work.
I think I have fixed my own problem here.
I corrected the main htaccess so the https redirect acts like this;
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
From what I can tell it's better to do it this way than the way I had it previously. This in itself didn't fix the problems. What fixed it for me is editing the domain2.com htaccess to look like this:
RewriteEngine on
#Force WWW if it isn't in the request
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
#Or include WWW even if it is in the request
RewriteCond %{HTTP_HOST} ^www\. [NC]
#Then Force it to use https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#Defines this domain so main htaccess rules for subdomains work
RewriteCond %{HTTP_HOST} ^(.*)?domain2.com$ [NC]
#Proxy for Ghost
RewriteRule ^(.*)$ http://127.0.0.1:55555555/$1 [P,L]
Now everything works. All requests are redirected to https. All requests to the subdomain from the main domain fail with a 404. domain2.com now redirects to https://www.domain2.com or https://domain2.com so it is now always secured by SSL. I'm a novice at htaccess as is probably evident and I've no doubt some or all of this could have unnecessary elements removed or simplified so if anyone wants to correct my syntax so it's less messy I'd appreciate it.
I have a domain example.com added to the DigitalOcean (Ubuntu 16.04) with Apache2.4.18 and have Wordpress installed on it. The site is running properly.
The problem is, that all the request www.example.com redirects to example.com. I need example.com to redirect to www.example.com.
I see there are 2 ways to do it. 1. .htaccess and 2. Apache config file, currently using 000-default.conf file. I installed letsencrypt ssl, which added the following RewriteRule to 000-default.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
based on the research online, I did modify the 000-default.conf to
RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
and also tried the following code in .htaccess file.
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
Upon doing either of these, I get error of multiple redirection loop. Which basically redirecting example.com to www.example.com and www.example.com to example.com and so on. I tested the same on Redirectcheck.com.
The main issue is I can't seem to find out the first 301 Redirect which is all the request being redirected to exmple.com. If I can disable or overwrite the main 301 Redirect rule then I can achieve all the request to be redirected to www.example.com.
I did my research but I'm hitting my head hard here, any help would be really appreciated. Thank You!
So, I finally traced it down, all the configuration were correct, the only issue was in the WordPress -> Admin Panel -> Setting -> General. I have placed the site_url and main_url as example.com and when I updated it to www.example.com and tested again, It did fix it.
I have a SSL on my site and would like to redirect all my http pages to https
I find something below and work for www.yourdomain.com.
If I also need transfer all yourdomain.com(without www) to https what should I add to htaccess? Thanks!
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
<!-- Please put the redirect without www here, thanks-->
A simple Google search reveals hundreds of results. For example, this official FAQ.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
I have three domains, two of which are supposed to be redirected to the other.
www.example.com
www.example.net
www.example.org
I already have the DNS entries setup so that they all will go to the same IP address.
What I want to have happen is for the .com and .net urls to be permanently redirected to the .org address. So:
http://www.example.com -> http://www.example.org
http://www.example.net -> http://www.example.org
http://example.com -> http://www.example.org
http://example.net -> http://www.example.org
In my .htaccess file I have the following configuration which I setup from the best of my understanding of http://httpd.apache.org/docs/2.2/rewrite/remapping.html#canonicalhost
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.example.org$ [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/?(.*)$ http://www.example.org/$1 [L,R=301]
Theoretically, what should happen is that any requests to the site where the HTTP_HOST is not www.example.org, then it should be permenantly redirected to http://www.example.org/ followed by any original path that was on the URL.
I'm sure this is easy to do and I'm just missing something obvious, but it seems like all of the other questions and search results talk about redirecting subdomains and file paths, but none of them talk about redirecting a top level domain in a URL.
Thats almost the same that I use:
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.example.org$
RewriteRule ^/(.*)$ http://www.example.org/$1 [R=301,L]
Turns out I was on the right track. My final code wound up being this:
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.example.org$ [NC]
RewriteRule ^(.*)$ http://www.example.org/$1 [L,R=301]
The root of the problem for me was that my host was unaware I had multiple domains. So when requests would come into the site after being resolved, the host would throw up a page saying there it couldn't find a site. So I added my example.com and example.net sites to my host and parked them to example.org.
Perhaps somebody else can better explain what happened here than I, but the real issue was not with the rewrite but with my hosting provider.