We Keep Coding

.htaccess file sub-folder redirect

I know this has been posted in other places, but I have not been able to make it work properly. I am just trying to get a simple redirect from my root / to /html folder and add a .html extension so the url isn’t www.websites.com/html/file.html but rather www.website.com/file. Does anyone have any idea how to do this type of rewrite?
This is about all I have working properly.
RewriteOptions inherit
RewriteEngine on
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)#$">
Header set Cache-Control "max-age=604800, public"
</FilesMatch>
RewriteBase /html/

This probably is what you are looking for:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond /html%{REQUEST_URI}.html -f
RequestRule ^ /html%{REQUEST_URI}.html [END]
For this to work the rewriting module needs to be loaded into the http server. Best is to implement such rules in the actual host configuration of the http server. If you do not have access to that (cheap hosting provider), then you can use a distributed configuration file (".htaccess"), but that needs to be enabled too.

How to apply chunk / modx template changes?

I make changes to the template files, upload them via ftp (or through the admin panel). In the admin panel the chunk's code changes, but the site itself does not change. Why?
I tried:
Clear the cache through the modx admin panel - "Management - Clear
the cache"
Delete the cache folder, which is located in the "core \ cache"
directory
I tried to completely delete the template folder to check if there
would be changes.
Modify the .htaccess file
None of this helped. There are changes in the admin panel, but everything remains as it was on the site
Website on MODX Revolution 2.6.5
In the settings of the server (hosting) it is written that Apache 2. * and PHP 7.1 are used
Here is the .htaccess file
# MODX supports Friendly URLs via this .htaccess file. You must serve web
# pages via Apache with mod_rewrite to use this functionality, and you must
# change the file name from ht.access to .htaccess.
#
# Make sure RewriteBase points to the directory where you installed MODX.
RewriteRule ^.*[-/]v(\d+)-.*$ index\.php?id=$1&%{QUERY_STRING} [L]
RewriteRule ^v(\d+)-.*$ index\.php?id=$1&%{QUERY_STRING} [L]
RewriteRule ^k(\d+)[-/].*[-/]v(\d+)-.*$ index\.php?id=$1-$2&%{QUERY_STRING} [L]
RewriteRule ^k(\d+)[-/]v(\d+)[-/].*$ index\.php?id=$1-$2&%{QUERY_STRING} [L]
RewriteRule ^v(\d+)[-/].*[-/]k(\d+)[-/].*$ index\.php?id=$2-$1&%{QUERY_STRING} [L]
RewriteRule ^v(\d+)[-/]k(\d+)[-/].*$ index\.php?id=$2-$1&%{QUERY_STRING} [L]
RewriteRule ^.*[-/]v(\d+)[-/]k(\d+)[-/].*$ index\.php?id=$2-$1&%{QUERY_STRING} [L]
RewriteRule ^.*[-/]v(\d+)[-/].*[-/]k(\d+)[-/].*$ index\.php?id=$2-$1&%{QUERY_STRING} [L]
RewriteRule ^.*[-/]k(\d+)[-/].*[-/]v(\d+)[-/].*$ index\.php?id=$1-$2&%{QUERY_STRING} [L]
RewriteRule ^.*[-/]k(\d+)[-/]v(\d+)[-/].*$ index\.php?id=$1-$2&%{QUERY_STRING} [L]
RewriteEngine On
RewriteBase /
# The Friendly URLs part
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
#php_flag register_globals Off
#php_flag zlib.output_compression On
#php_value zlib.output_compression_level 5
#ExpiresActive On
#ExpiresByType image/gif A2592000
#ExpiresByType image/jpeg A2592000
#ExpiresByType image/png A2592000
#BrowserMatch "MSIE" brokenvary=1
#BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
#BrowserMatch "Opera" !brokenvary
#SetEnvIf brokenvary 1 force-no-vary
What to do?
Maybe someone came across a similar one?

What about your browser cache? How do you flush it? Is it the problem with just one chunk or with all of them? How do you call them? I mean like this - [[!...]]? Each resource has "cacheable" setting, what about it?
PS: setting "cacheable" should be on the tab "Settings" with other resource settings, like whether it is a container or not, etc.
https://docs.modx.com/revolution/2.x/making-sites-with-modx/structuring-your-site/resources

issues in creating 301 redirects in Apache 2.4.3x using htaccess

I have recently upgraded my website from http to https protocol.
I have added the following code to my .htaccess file to redirect all http traffic to https on my website.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
Now when i search for articles on my website using google (which were previously indexed by google when the site was using http protocol.) and click on the search results it is redirected to https://www.example.com.
For eg :
if i click on the http://www.example.com/my-article-1 (or type it in browser bar) it would redirect to https://www.example.com.
I would want to redirect all those http links to https
For eg :
if i click on the http://www.example.com/my-article-1 it should go to https://www.example.com/my-article-1
I tried creating 301 redirects in the .htaccess file
redirect /my-article-1 https://www.example.com/my-article-1
I didnt work.The above code was added right below the first code in this question
How do i create a proper 301 redirect for all my webpages ?
I am using Linux hosting with Apache 2.4.33 and a Drupal 7 CMS running the website.
I have clean URLS Enabled in my Drupal CMS
I found out about an article in Drupal org about putting clean URLs and tried the following combinations
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
# Added by Me
RewriteBase /
#RewriteRule ^/(.*)$ https://www.domain.in/serial-programming-tutorials [R=301,L]
#Above statement redirects to https://www.domain.in/
#RewriteRule ^serial-programming-tutorials$ https://www.domain.in/serial-programming-tutorials [R=301,L]
#Above statement gives "The page isn’t redirecting properly" Error in Browser
#RewriteRule ^/serial-programming-tutorials$ https://www.domain.in/serial-programming-tutorials [R=301,L]
#Above statement redirects to https://www.domain.in/
Below is my .htaccess file.
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
<FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock))$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig\.save)$">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
</IfModule>
</FilesMatch>
# Don't show directory listings for URLs which map to a directory.
Options -Indexes
# Follow symbolic links in this directory.
Options +FollowSymLinks
# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
# Set the default handler.
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_environment_initialize() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
# Do not allow PHP scripts to be cached unless they explicitly send cache
# headers themselves. Otherwise all scripts would have to overwrite the
# headers set by mod_expires if they want another caching behavior. This may
# fail if an error occurs early in the bootstrap process, and it may cause
# problems if a non-Drupal PHP file is installed in a subdirectory.
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
# Added by Me
RewriteBase /
#RewriteRule ^/(.*)$ https://www.domain.in/serial-programming-tutorials [R=301,L]
#Above statement redirects to https://www.xanthium.in/
#RewriteRule ^serial-programming-tutorials$ https://www.domain.in/serial-programming-tutorials [R=301,L]
#Above statement gives "The page isn’t redirecting properly" Error in Browser
#RewriteRule ^/serial-programming-tutorials$ https://www.domain.in/serial-programming-tutorials [R=301,L]
#Above statement redirects to https://www.domain.in/
# Set "protossl" to "s" if we were accessed via https://. This is used later
# if you enable "www." stripping or enforcement, in order to ensure that
# you don't bounce between http and https.
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
# Make sure Authorization HTTP header is available to PHP
# even when running as CGI or FastCGI.
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or
# Git to store control files. Files whose names begin with a period, as well
# as the control files used by CVS, are protected by the FilesMatch directive
# above.
#
# NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
# not possible to block access to entire directories from .htaccess, because
# <DirectoryMatch> is not allowed here.
#
# If you do not have mod_rewrite installed, you should remove these
# directories from your webroot or otherwise protect them from being
# downloaded.
RewriteRule "/\.|^\.(?!well-known/)" - [F]
# If your site can be accessed both with and without the 'www.' prefix, you
# can use one of the following settings to redirect users to your preferred
# URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
#
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} .
# RewriteCond %{HTTP_HOST} !^www\. [NC]
# RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# To redirect all users to access the site WITHOUT the 'www.' prefix,
# (http://www.example.com/... will be redirected to http://example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ http%{ENV:protossl}://%1%{REQUEST_URI} [L,R=301]
# Modify the RewriteBase if you are using Drupal in a subdirectory or in a
# VirtualDocumentRoot and the rewrite rules are not working properly.
# For example if your site is at http://example.com/drupal uncomment and
# modify the following line:
# RewriteBase /drupal
#
# If your site is running in a VirtualDocumentRoot at http://example.com/,
# uncomment the following line:
# RewriteBase /
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
# Add headers to all responses.
<IfModule mod_headers.c>
# Disable content sniffing, since it's an attack vector.
Header always set X-Content-Type-Options nosniff
</IfModule>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.domain.in/$1 [R=301,L]

You have put the HTTP to HTTPS redirect in the wrong place. It needs to go at the top of your .htaccess file, not at the end.
By placing it at the end, the Drupal "front-controller" has already rewritten the request to index.php. The later HTTP to HTTPS redirect then converts this to an external redirect (in the next round of processing) and essentially redirects everything to the document root.
The order of (mod_rewrite) directives in .htaccess is important.

The order of how the statements are posted is important to the functioning of the .htaccess file as pointed out by #MrWhite.
I have changed my htaccess file as shown below to solve the problem.
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
#------------------------------------------------------------------#
# Added by to redirect all http to https
# Placing it here solved my problem
#------------------------------------------------------------------#
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.domain.in/$1 [R=301,L]
#-------------------------------------------------------------------#
# Set "protossl" to "s" if we were accessed via https://. This is used later
# if you enable "www." stripping or enforcement, in order to ensure that
# you don't bounce between http and https.
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
# If your site can be accessed both with and without the 'www.' prefix, you
# can use one of the following settings to redirect users to your preferred
# URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
#
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Placing the below statement just below IfModule mod_rewrite.c (in .htaccess file)as shown solved all my problems
<IfModule mod_rewrite.c>
RewriteEngine on
#------------------------------------------------------------------#
# Added by to redirect all http to https
# Placing it here solved my problem
#------------------------------------------------------------------#
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.domain.in/$1 [R=301,L]
#-------------------------------------------------------------------#
Now
http://www.domain.in redirects to https://www.domain.in
and
http://www.domain.in/tutorial-1 redirects to https://www.domain.in/tutorial-1

Drupal 7 .htaccess File Not Forcing Redirects to HTTPS

I installed a security certificate installed on my website, and want to force all urls to use 'https' as well as 'www'. I updated the .htaccess by uncommenting:
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
However, upon saving, the site was not enforcing either the https or the www. I cleared cache and even restarted the server, and still no change- so I suspect there is a conflict in the file somewhere, but it may be something else as well. What would be the most efficient way to trouble shoot this to get the redirect to work properly? The file is currently as follows:
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
<FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig\.save)$">
Order allow,deny
</FilesMatch>
# Don't show directory listings for URLs which map to a directory.
Options -Indexes
# Follow symbolic links in this directory.
Options +FollowSymLinks
# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
# Set the default handler.
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_environment_initialize() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
# Do not allow PHP scripts to be cached unless they explicitly send cache
# headers themselves. Otherwise all scripts would have to overwrite the
# headers set by mod_expires if they want another caching behavior. This may
# fail if an error occurs early in the bootstrap process, and it may cause
# problems if a non-Drupal PHP file is installed in a subdirectory.
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
# Set "protossl" to "s" if we were accessed via https://. This is used later
# if you enable "www." stripping or enforcement, in order to ensure that
# you don't bounce between http and https.
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
# Make sure Authorization HTTP header is available to PHP
# even when running as CGI or FastCGI.
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or
# Git to store control files. Files whose names begin with a period, as well
# as the control files used by CVS, are protected by the FilesMatch directive
# above.
#
# NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
# not possible to block access to entire directories from .htaccess, because
# <DirectoryMatch> is not allowed here.
#
# If you do not have mod_rewrite installed, you should remove these
# directories from your webroot or otherwise protect them from being
# downloaded.
RewriteRule "(^|/)\." - [F]
# If your site can be accessed both with and without the 'www.' prefix, you
# can use one of the following settings to redirect users to your preferred
# URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
#
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# To redirect all users to access the site WITHOUT the 'www.' prefix,
# (http://www.example.com/... will be redirected to http://example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ http%{ENV:protossl}://%1%{REQUEST_URI} [L,R=301]
# Modify the RewriteBase if you are using Drupal in a subdirectory or in a
# VirtualDocumentRoot and the rewrite rules are not working properly.
# For example if your site is at http://example.com/drupal uncomment and
# modify the following line:
# RewriteBase /drupal
#
# If your site is running in a VirtualDocumentRoot at http://example.com/,
# uncomment the following line:
# RewriteBase /
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
Bonus question (and thank you for making it this far!)- I downloaded a copy of Drupal to replace the htaccess file in case there was an issue, and it came unformatted, while the version that had been installed is certainly easier to read as it is formatted nicely w/ breaks and such. I'm assuming there's a trick to viewing the file so it is not crunched together- but any insight on that would be greatly appreciated!
**Formatting was indeed notepad- once dropping into sublime it worked as expected, thanks to msg.
**Update to issue:
Thank you msg - so with your comment about working out of the box, I decided to redownload the same version of Drupal and copied over the htaccess file, then uncommented as before, and added the 3 lines of code just below "RewriteEngine" - www is now properly working, but the force to use secure is still not. the section of relevant code (as far as I can tell) is:
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Set "protossl" to "s" if we were accessed via https://. This is used later
# if you enable "www." stripping or enforcement, in order to ensure that
# you don't bounce between http and https.
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
# Make sure Authorization HTTP header is available to PHP
# even when running as CGI or FastCGI.
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
Are the lines added potentially conflicting with other code that was uncommented?

The default .htaccess should work out of the box, so I'd begin with the checklist:
Verify that mod_rewrite is loaded: apache2ctl -D DUMP_MODULES
Make sure that .htaccess files aren't forbidden: There is no AllowOverride None in the server configuration.
Enable rewrite log
As for the formatting, looks like the editor doesn't show line feeds properly. Notepad by any chance?
EDIT: Upon having a second look, this doesn't actually redirect to the https version of the page, just makes sure that keeps the same protocol as the original request. Try adding this after RewriteEngine on:
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.yoursitehere.com [R,L]
EDIT2: It shouldn't, but I've a couple of things to point out:
X-Forwarded-Proto could be causing problems if it's not set. If you don't have a loadbalancer or proxy, try commenting it out.
I have sometimes encountered instances where %{HTTPS} isn't set and I resorted to using %{SERVER_PORT} o %{SERVER_PROTOCOL}.
I'm not sure if it's a bug or just behaviour dependent on apache version. This is where some debugging or trial and error comes in.
Other than that, some of the rules are now a bit inefficient. Let's have a look:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
This checks if the request came via regular HTTP and if that the case, it redirects to https in whatever ServerAlias the request came in and stops further processing ([L]). This is the perfect opportunity to redirect to a canonical version.
You still have to check if the request came in via the canonical version, just in case, as it's done in the block:
RewriteCond %{HTTP_HOST} !^www\.
That would cause another redirection for the client.
Or you could combine that Cond with ours with [OR] flag and be done.

Thank you for your help #msg. Unfortunately in my case that I ultimately ended up using iis to redirect, which I noticed only updated settings.config. If you have any insight on what connection there might be there I'd be very interested to hear it though.

how to remove cookies for cookieless domain

I have a subdomain called cdn.domain.com, from which I serve CSS, JS and some images.
When I run Google Chrome's audit, it says that I can imporve speed by serving those files from a cookieless domain.
I've searched on the internet and found mostly this:
<FilesMatch "\.(js|css|jpg|png|jpeg|gif|xml|json|txt|pdf|mov|avi|otf|woff|ico|swf)$">
RequestHeader unset Cookie
Header unset Cookie
Header unset Set-Cookie
</FilesMatch>
But when I add this to my .htaccess in my root, I see no change in my requests, when I add this to the .htaccess of the cdn.domain.com, nothing happens as well.
When I look into the request headers I always see this:
Cookie:__utma=124771992.1672641002.1393489852.1393489852.1393489852.1; __utmz=124771992.1393489852.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cve=7%2BOFANPFY6bPsm9274j8hJIz%2BPvLQRT%2FJZG9ftr2o7c%3D; cvp=dNuYumBN%2F642JaRgONUeEq1upp2y%2F%2FtDjt%2BBbV87W%2BA%3D
The subdomain is a subfolder of the global domain.
Both the global and the subdomain have this .htaccess:
# http://www.askapache.com/htaccess/htaccess.html
## ERRORDOCUMENTS
# http://askapache.com/htaccess/apache-status-code-headers-errordocument.html
ErrorDocument 400 /include/html/errorPages/400.html
ErrorDocument 403 /include/html/errorPages/403.html
ErrorDocument 404 /include/html/errorPages/404.html
ErrorDocument 500 /include/html/errorPages/500.html
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?://(www\.)?(copperviper.com)$" AccessControlAllowOrigin=$0$1
Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header set Access-Control-Allow-Credentials true
</IfModule>
<FilesMatch "\.(js|css|jpg|png|jpeg|gif|xml|json|txt|pdf|mov|avi|otf|woff|ico|swf)$">
RequestHeader unset Cookie
Header unset Cookie
Header unset Set-Cookie
</FilesMatch>
order deny,allow
deny from all
allow from 62.132.244.73
# Possible values for the Options directive are "None", "All", or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
RewriteEngine On
RewriteBase /cdn/
# REWRITE TO WWW
RewriteCond %{REQUEST_URI} !^/robots\.txt$ [NC]
RewriteCond %{HTTP_HOST} !^www\.[a-z-]+\.[a-z]{2,6} [NC]
RewriteCond %{HTTP_HOST} ([a-z-]+\.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://%1/$1 [R=301,L]
# REWRITE TO SEF URL'S
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/(.*)/(.*)/(.*) index.php?a=$1&b=$2&c=$3&d=$4 [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/(.*)/(.*) index.php?a=$1&b=$2&c=$3 [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/(.*) index.php?a=$1&b=$2 [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php?a=$1 [QSA,L]
# COMPRESSION
SetOutputFilter DEFLATE
AddOutputFilterByType DEFLATE text/plain text/html text/x-php text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript application/x-httpd-php application/octet-stream image/svg+xml application/font-woff image/svg+xml
# REMOVE BROWSER BUGS
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
# enable PHP error logging
php_flag log_errors on
php_flag display_startup_errors on
php_flag display_errors on
php_flag html_errors on
php_value docref_root 3
php_value docref_ext 3
php_value upload_max_filesize 2000M
php_value post_max_size 2000M
php_value max_execution_time 200000
php_value max_input_time 200000
# CACHED FOREVER
# MOD_REWRITE TO RENAME EVERY CHANGE
ExpiresActive On
ExpiresDefault A29030400
Header set Cache-Control "public"
Header set Expires "Thu, 15 Apr 2010 20:00:00 GMT"
Header unset Last-Modified
# PROTECT .htaccess
<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>
# Commonly used filename extensions to character sets.
AddDefaultCharset UTF-8
DefaultLanguage en-US
# Set the Time Zone of your Server
SetEnv TZ Etc/GMT
# ServerAdmin: This address appears on some server-generated pages, such as error documents.
SetEnv SERVER_ADMIN bug#copper-viper.com
# SEND CUSTOM HEADERS
Header set P3P "policyref='http://www.askapache.com/w3c/p3p.xml'"
Header set X-Pingback "http://www.askapache.com/xmlrpc.php"
Header set Content-Language "en-US"
Header set Vary "Accept-Encoding"
# ADD VALUES FROM HTTP HEADERS
SetEnvIfNoCase ^If-Modified-Since$ "(.+)" HTTP_IF_MODIFIED_SINCE=$1
SetEnvIfNoCase ^If-None-Match$ "(.+)" HTTP_IF_NONE_MATCH=$1
SetEnvIfNoCase ^Cache-Control$ "(.+)" HTTP_CACHE_CONTROL=$1
SetEnvIfNoCase ^Connection$ "(.+)" HTTP_CONNECTION=$1
SetEnvIfNoCase ^Keep-Alive$ "(.+)" HTTP_KEEP_ALIVE=$1
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
SetEnvIfNoCase ^Cookie$ "(.+)" HTTP_MY_COOKIE=$1
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
ServerSignature On
## LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK
#bytes, 0-2147483647(2GB)
LimitRequestBody 10240000
## MOST SECURE WAY TO REQUIRE SSL
# http://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples.html
#SSLOptions +StrictRequire
#SSLRequireSSL
#SSLRequire %{HTTP_HOST} eq "askapache.com"
#ErrorDocument 403 https://askapache.com
# Safe Request Methods
# Denies any request not using GET,PROPFIND,POST,OPTIONS,PUT,HEAD[403]
RewriteCond %{REQUEST_METHOD} !^(GET|HEAD|POST|PROPFIND|OPTIONS|PUT)$ [NC]
RewriteRule .* - [F,NS,L]
# Forbid Proxies ^
# Denies any POST Request using a Proxy Server. Can still access site, but not comment. http://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP:VIA}%{HTTP:FORWARDED}%{HTTP:USERAGENT_VIA}%{HTTP:X_FORWARDED_FOR}%{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}%{HTTP:HTTP_PC_REMOTE_ADDR}%{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F,NS,L]
# HTTP PROTOCOL ^
# Denies any badly formed HTTP PROTOCOL in the request, 0.9, 1.0, and 1.1 only
RewriteCond %{THE_REQUEST} !^[A-Z]{3,9}\ .+\ HTTP/(0\.9|1\.0|1\.1) [NC]
RewriteRule .* - [F,NS,L]
# SPECIFY CHARACTERS ^
# Denies any request for a url containing characters other than "a-zA-Z0-9.+/-?=&" - REALLY helps but may break your site depending on your links.
RewriteCond %{THE_REQUEST} !^[A-Z]{3,9}\ [a-zA-Z0-9\.\+_/\-\?\=\&]+\ HTTP/ [NC]
RewriteRule .* - [F,NS,L]
# BAD Content Length ^
# Denies any POST request that doesnt have a Content-Length Header
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP:Content-Length} ^$
RewriteRule .* - [F,NS,L]
# BAD Content Type ^
# Denies any POST request with a content type other than application/x-www-form-urlencoded|multipart/form-data
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP:Content-Type} !^(application/x-www-form-urlencoded|multipart/form-data.*(boundary.*)?)$ [NC]
RewriteRule .* - [F,NS,L]
# Missing HTTP_HOST ^
# Denies requests that dont contain a HTTP HOST Header.
RewriteCond %{HTTP_HOST} ^$
RewriteRule .* - [F,NS,L]
# Bogus Graphics Exploit ^
# Denies obvious exploit using bogus graphics
RewriteCond %{HTTP:Content-Disposition} \.php [NC]
RewriteCond %{HTTP:Content-Type} image/.+ [NC]
RewriteRule .* - [F,NS,L]
# No UserAgent, Not POST ^
# Denies POST requests by blank user-agents. May prevent a small number of visitors from POSTING.
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP_USER_AGENT} ^-?$
RewriteRule .* - [F,NS,L]
What am I doing wrong here?

This is what the manual page for setcookie() explains about the $domain argument:
Setting the domain to 'www.example.com' will make the cookie available
in the www subdomain and higher subdomains. Cookies available to a
lower domain, such as 'example.com' will be available to higher
subdomains, such as 'www.example.com'. Older browsers still
implementing the deprecated » RFC 2109 may require a leading . to
match all subdomains.
This implies that in modern browsers (I suppose that means almost all in practice) any cookie set for domain.com will be sent back by the browser to cdn.domain.com as well. That's how the cookie spec works and I don't think there's a clean solution.
Ideally, your cookieless domain should use an entirely different top level domain; or your site should be hosted in a subdomain, such as www.domain.com, so you can fine-tune cookies. I guess none are reasonable options for you at this point so you'll probably have to live with it.