Using multiple URLs inside htaccess RewriteCond - apache

I'm using the following code inside my .htaccess file to prevent certain URL from being served from https. How can I modify this code to include additional URLs? For example, I don't want the about page to load from https either. Adding an extra line similar to the careers link didn't work.
<IfModule mod_rewrite.c>
RewriteEngine On
# Go to https if not on careers
RewriteCond %{SERVER_PORT} =80
RewriteCond %{THE_REQUEST} !/careers/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} !/capital/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} !/summer/[\s?] [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
# Go to http if you are on careers
RewriteCond %{SERVER_PORT} !=80
RewriteCond %{THE_REQUEST} /careers/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} /capital/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} /summer/[\s?] [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
</IfModule>

Better use regex alternation and minimize your code:
<IfModule mod_rewrite.c>
RewriteEngine On
# Go to https if not on careers
RewriteCond %{SERVER_PORT} =80
RewriteCond %{THE_REQUEST} !/(careers|capital|summer)/[\s?] [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
# Go to http if you are on careers
RewriteCond %{SERVER_PORT} !=80
RewriteCond %{THE_REQUEST} /(careers|capital|summer)/[\s?] [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
</IfModule>

Related

redirect to https url with get parameter

I have .htaccess file and code gives only https on pages of woocommerce shop and works perfectly. So how can I add rule that let https on page with GET parameter 'yandex_money=check' for example https://example.com/?yandex_money=check
RewriteEngine On
# Force HTTPS for /(cart|checkout|my-account|product-category|shop|product)
RewriteCond %{HTTPS} !=on
RewriteCond %{THE_REQUEST} ^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product) [NC]
RewriteRule ^(cart|checkout|my-account|product-category|shop|product) https://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]
# Force HTTP for anything which isn't /(cart|checkout|my-account|product-category|shop|product)
RewriteCond %{HTTPS} =on
RewriteCond %{THE_REQUEST} !^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product) [NC]
RewriteRule !^(cart|checkout|my-account|product-category|shop|product) http://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]
So the solution is
adding RewriteCond about %{REQUEST_URI} with [OR]
replace RewriteRule [L] with RewriteRule [N] and RewriteRule [L].
[N] key allows to check Next RewriteRule
[L] last is RewriteRule.
fixed .htaccess file:
RewriteEngine On
# RewriteCond %{HTTPS} on
# RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Force HTTPS for /(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) GET[yandex_money]
RewriteCond %{THE_REQUEST} ^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) [OR,NC]
#RewriteCond %{QUERY_STRING} ^yandex_money=check [NC]
RewriteCond %{HTTPS} !=on
RewriteRule ^(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) https://%{HTTP_HOST}%{REQUEST_URI}?%{QUERY_STRING}[NC,R=301,N]
RewriteRule ^(yandex_money) https://%{HTTP_HOST}%{REQUEST_URI}?%{QUERY_STRING}[NC,R=301,L]
# Force HTTP for anything which isn't /(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login)
RewriteCond %{HTTPS} =on
RewriteCond %{THE_REQUEST} !^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) [NC]
RewriteCond %{QUERY_STRING} !^yandex_money=check [NC]
RewriteRule !^(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) http://%{HTTP_HOST}%{REQUEST_URI}?%{QUERY_STRING}

Reduce number of redirects in htaccess

I currently force HTTP to HTTPS and also drop www for my domain ahtag.com, but when you request the root it redirects to ahtag.com/en/home.
Here's the .htaccess rewrite rules that I'm using.
<IfModule mod_rewrite.c>
RewriteEngine On
# strip www subdomain
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1%{REQUEST_URI} [R=301,L]
SetEnvIf HOST "ahtag\.com$" LIVE=1
# forbid non-GET on non-HTTPS
RewriteCond %{ENV:LIVE} 1
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_METHOD} !=GET
RewriteRule .* - [F,L]
# force HTTPS
RewriteCond %{ENV:LIVE} 1
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# cakephp rewrite rule
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
This works fine, but I want to add some specific rules for the root domain. This will reduce redirects and improve response time for first time visitors.
How can I rewrite the following (including schema, host and path).
http://www.ahtag.com --> https://ahtag.com/en/home
http://ahtag.com --> https://ahtag.com/en/home
https://www.ahtag.com --> https://ahtag.com/en/home
https://ahtag.com --> https://ahtag.com/en/home
You get the idea. I just want to redirect on a special URL to the default home URL.
I've read the Apache manual for RewriteCond but I don't feel confident enough to push changes to the production server.
You can add this rule just below RewriteEngine line:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(ahtag\.com)$ [NC]
RewriteRule ^/?$ http://%1/en/home [L,R=301]
# strip www subdomain
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1%{REQUEST_URI} [R=301,L]
SetEnvIf HOST "ahtag\.com$" LIVE=1
# forbid non-GET on non-HTTPS
RewriteCond %{ENV:LIVE} 1
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_METHOD} !=GET
RewriteRule .* - [F,L]
# force HTTPS
RewriteCond %{ENV:LIVE} 1
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# cakephp rewrite rule
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]

Force HTTPS on all pages except one

I have a WordPress site that I want fully secured using SSL, with the exception of one page (it has a third party script who will not serve over SSL - let's say it's called /booking/), I also want all URL's redirected to the www version.
I've seen similar answers for the other way around, but not this specific use case.
Is this achievable using .htaccess?
Edit:
Here is my .htaccess file:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# BEGIN Custom
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^00\.00\.00\.00
RewriteRule (.*) https://www.mysite.co.uk/$1 [R=301,L]
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{HTTPS} off
RewriteRule ^((?!online-booking).*) https://www.mysite.co.uk/$1 [NC,L,R,NE]
</IfModule>
# END Custom
*real IP replaced with zeros, this is to redirect the server IP to the actual website.
This code is for the page being at mysite.co.uk/online-booking/
Have it this way:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^00\.00\.00\.00
RewriteRule ^ https://www.mysite.co.uk%{REQUEST_URI} [R=301,L,NE]
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} /online-booking [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ http://www.%1%{REQUEST_URI} [L,R=302,NE]
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/online-booking [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,R=302,NE]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=302,NE]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
And make sure to test it after clearing your browser cache.
This should work :
RewriteEngine on
#--Redirect non-www or http requests excluding "/booking" to https--#
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{HTTPS} off
RewriteRule ^((?!booking).*) https://www.example.com/$1 [NC,L,R,NE]

htaccess redirect all but three pages to https

I know this sounds like a duplicate but I have tried as many methods as I can find and I still have not gotten this to work. So please do not auto mark this as a duplicate.
I am trying to redirect all pages of http://www.domian.com to https://www.domain.com with the exception of three pages:/products/product1, /products/product2, /products/product3
I also want those pages to always direct to http since if an https page links to it via a relative link, it will naturally have the https already there.
Also in play is that this is an expression engine site where I am removing the index.php from the URI.
Current Htaccess, which results in those three pages still being https even I go to Http for those pages.
### secure .htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
### EE 404 page for missing pages
ErrorDocument 404 /index.php/site/404
###Block Access to directories with no index file
Options -Indexes
### Simple 404 for missing files
<FilesMatch "(\.jpe?g|gif|png|bmp|css|js|flv)$">
ErrorDocument 404 "File Not Found"
</FilesMatch>
### Although highly unlikely, your host may have +FollowSymLinks enabled at the root level, yet disallow its addition in .htaccess; in which case, adding +FollowSymLinks will break your setup (probably a 500 error), so just remove it, and your rules should work fine.
###Options +FollowSymlinks
RewriteEngine On
RewriteBase /
###Removes index.php from ExpressionEngine URLs
RewriteCond %{THE_REQUEST} ^GET
RewriteCond %{THE_REQUEST} ^[^/]*/index\.php [NC]
RewriteRule ^index\.php(.+) $1 [R=301,L]
### Add the www
RewriteCond %{HTTP_HOST} ^domain\.com
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=permanent,L]
###each option I try I replace in this block as a reference
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTPS} !on
RewriteCond %{REQUEST_URI} !^/products/product3
RewriteCond %{REQUEST_URI} !^/products/product1
RewriteCond %{REQUEST_URI} !^/products/product2
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
######
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
###
Also have tried this which results in the same as above:
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} !^(domain\.com/products/product1|domain\.com/products/product2|domain\.com/products/product2) [NC]
RewriteRule ^(.*)$ https://www.domain.com/$1 [R,L]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^(domain\.com/products/product1|domain\.com/products/product2|domain\.com/products/product2) [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [R,L]
Tried this alone just to see if would be able to navigate to http://www.domain.com/products/product1 and at least not have it rewrite, but it still rewrites to https
RewriteCond %{HTTPS} !on
RewriteCond %{REQUEST_URI} !/products/product1 [NC,OR]
RewriteCond %{REQUEST_URI} !/products/product2 [NC,OR]
RewriteCond %{REQUEST_URI} !/products/product3 [NC,OR]
RewriteRule ^(.*)$ https://www.domain.com/$1 [R,L]
Tried this as well, which again still writes those pages to https. Plus if I try to go to http , it rewrites to https and doesn't remove the index.php
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/products/product3
RewriteCond %{REQUEST_URI} !^/products/product1
RewriteCond %{REQUEST_URI} !^/products/product2
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^/products/product3 http://www.domain.com/products/product3 [R=301,QSA,L,NE]
RewriteRule ^/products/product1 http://www.domain.com/products/product1 [R=301,QSA,L,NE]
RewriteRule ^/products/product2 http://www.domain.com/products/product2 [R=301,QSA,L,NE]
I have honestly tried about 10 -15 versions of all this above and still cannot get it. Including adding index.php? to the request_URI in case that it sees that as part of the request_URI before it's removed. I either end up with the page still rewriting to https or redirect loop land.
Am I missing something simple, is something in the wrong order? I'm just at a loss.
thanks for any help.
UPDATE:
Here's what I used to get it to work:
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} (\s/products/product1|\s/products/product2|\s/products/product3) [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !\s/products/product1 [NC]
RewriteCond %{THE_REQUEST} !\s/products/product2 [NC]
RewriteCond %{THE_REQUEST} !\s/products/product3 [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Here's how we achieved this on a site with a webcam that was in an iframe that wouldn't work on SSL. This was also an ExpressionEngine site.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#force www instead of non-www
RewriteCond %{HTTP_HOST} ^domain.co.uk
RewriteRule ^(.*)$ http://www.domain.co.uk/$1 [R=301,L]
# HTTP/HTTPS handling
# Force HTTP for webcam page only
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} \s/webcam-page [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Force HTTPS for all pages except webcam
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !\s/webcam-page [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Removes index.php from ExpressionEngine URLs
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?/$1 [L]
</IfModule>

How to rewrite all non ssl request not containing a phrase?

I have a special problem. I need to rewrite all request which goes to http => https, also, I want to fix the url if its missing www, so therefore I also have a rewrite rule for that.
Now, there is one exception, which should not be rewrited. If the request is for
http://www.mydomain.com/api2/.../..
everything under api2 should not be rewrited to https...
Here is my current .htaccess :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /index.php/$1 [L]
# Start A2 Switcher Block
# Do not remove or modify this block! Added by PHP Switcher from cPanel to use an alterna$
<IfModule mod_suphp.c>
AddHandler application/x-httpd-php-5.4.13 .php
</IfModule>
# End A2 Switcher Block
Can anyone help?
Have your code like this:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule !^api2/ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTPS} off
RewriteRule !^api2/ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTPS} on
RewriteRule ^api2/ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^api2/ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /index.php/$1 [L]
# Start A2 Switcher Block
# Do not remove or modify this block! Added by PHP Switcher from cPanel to use an alterna$
<IfModule mod_suphp.c>
AddHandler application/x-httpd-php-5.4.13 .php
</IfModule>
# End A2 Switcher Block