We are running a web-site with both HTTP and HTTPs protocols. We need a rule for .htaccess file where we can handle these requests i.e. non-https page should redirect with http:// and https page should redirect with https:// protocol.
We are using apache. Any help would greatly appreciate.
Add this to your .htaccess file at your site's root directory.
RewriteEngine on
# Force http://
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} ^(/|/dl/memorandum.*)$ [NC]
RewriteRule ^ http://%{HTTP_HOST}/ [R=301,L]
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} ^/contact$ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
You can match on multiple pages by using the | OR operator.
^/(contact|profile|transactions)$ [NC]
If the URLs are long you can drop the $ and do a prefix match as
^/(contact|profile|transactions) [NC]
This will match on /contact-page or /contact/page as well now.
Use negation to force HTTP on all the rules that do not require SSL.
RewriteEngine on
# Force http://
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^/(contact|login|cart|register|forgot-your-password|request)$ [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} ^/(contact|login|cart|register|forgot-your-password|request)$ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Related
I'm trying to create an htaccess file in the root directory that will also affect subdomain directories (the subdomain works from a directory in the root).
Firstly, will this work if I have one htaccess file in the root? (will it work for subdomains in browsers (as they are actually just directories from root?) ).
The problem that I'm having is that when I try to visit http://demo.example.com, instead of it redirecting to https://demo.example.com it just remains using http://. This also is the case when trying to view http://www.example.com (it doesn't redirect to https).
This is my entire htaccess file as it currently stands. It seems quite bloated to me. Is there a way I can just redirect everything to https, regardless of subdomain / root ?
<IfModule mod_rewrite.c>
RewriteEngine On
# redirect subdomain to https
RewriteCond %{HTTP_HOST} ^(?!www\.)([^.]+)\.example\.com$ [NC]
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
RewriteCond %{HTTPS} !on [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(example\.com)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]
</IfModule>
Can you try these rules in your site root .htaccess:
RewriteEngine On
# add www and https to main domain
RewriteCond %{HTTPS} !on [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(example\.com)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]
# redirect everything to https
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
Test it in a new browser or completely clear your browser cache before testing.
I am trying to redirect https://demo.aurazoscript.com/surf.php?id=15 to http://demo.aurazoscript.com/surf.php?id=15. I tried the following in .htaccess but that doesn't work. It turns off forced HTTPS redirection for the whole website which I don't want. I only want it to be turned off for that single page surf.php.
I tried in .htaccess
# FORCE HTTPS
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} \/(surf.php)
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
# DISABLE HTTPS
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !\/(surf.php) [NC]
RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
I am using Flexible SSL from CloudFlare.
I think you do it opposite way , try this at the beginning of .htaccess file after RewriteEngine On:
RewriteCond %{HTTP:X-Forwarded-Proto} https [OR]
RewriteCond %{HTTPS} on
RewriteRule ^surf\.php http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTPS} off
RewriteRule !^surf\.php https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Note: clear browser cache then test .
I made the switch of my website from http to https. Now, I want to 301 redirect all http content to https.
I want to use this rule:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The issue is I also have another rule already in place which redirects all non-www pages to www ones.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*) http://www.example.com/$1 [last,redirect=301]
How can I combine it so whatever link users write (http non-www ; http www ; https non-www) all redirect to https://www.example.com
Cheers!
You can use this single rule to add www and http->https in single rule:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]
This rule should be kept just below RewriteEngine line and make sure to clear your browser cache when testing this change.
I just installed the Origin CA certificate in CentOS 7.3 with the help of this link
Then I redirected all the http requests to https and www to non-www with the following .htaccess commands
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
here are the following issues,
1) When I set RewriteCond %{HTTPS} off it gives Too Many Redirects error
2) When I access the site with follwing URL http://website.com, It doesn't redirect to https
3) but, http://www.website.com works fine (with WWW)
Not sure if I'm doing anything wrong in the SSL configuration, any help would be appreciated.
You can replace both http->https and www->non-www redirect rules with this single rule:
RewriteEngine On
# remove www and turn on https rule
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTP:X-Forwarded-SSL} =off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]
I want to redirect my domain from http to https:
http://www.domain.com --> https://www.domain.com
Is it possible? I've been searching around the internet but I only found:
http://domain.com --> https://www.domain.com
The question is, how about peoples arriving directly on http://www.domain.com? Aren't they be served with non-https url? Same as the vice versa. I just want a simple redirection from the HTTP to HTTPS. Is it possible?
Thank you
I just want a simple redirection from the HTTP to HTTPS
Try this simple rule as first rule on your .htaccess:
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
It will work for ALL versions of php and will force SSL and www to all naked domains and links:
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
We DO need the NE
www. is optional in 4th line
"off" is required to be.
Use the following code for force www and SSL usage:
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
# Now, rewrite any request to the wrong domain to use www.
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTP_HOST} ^tatwerat\.com [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>