How to rewrite all non ssl request not containing a phrase? - apache

I have a special problem. I need to rewrite all request which goes to http => https, also, I want to fix the url if its missing www, so therefore I also have a rewrite rule for that.
Now, there is one exception, which should not be rewrited. If the request is for
http://www.mydomain.com/api2/.../..
everything under api2 should not be rewrited to https...
Here is my current .htaccess :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /index.php/$1 [L]
# Start A2 Switcher Block
# Do not remove or modify this block! Added by PHP Switcher from cPanel to use an alterna$
<IfModule mod_suphp.c>
AddHandler application/x-httpd-php-5.4.13 .php
</IfModule>
# End A2 Switcher Block
Can anyone help?

Have your code like this:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule !^api2/ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTPS} off
RewriteRule !^api2/ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTPS} on
RewriteRule ^api2/ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^api2/ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /index.php/$1 [L]
# Start A2 Switcher Block
# Do not remove or modify this block! Added by PHP Switcher from cPanel to use an alterna$
<IfModule mod_suphp.c>
AddHandler application/x-httpd-php-5.4.13 .php
</IfModule>
# End A2 Switcher Block

Related

redirect to https url with get parameter

I have .htaccess file and code gives only https on pages of woocommerce shop and works perfectly. So how can I add rule that let https on page with GET parameter 'yandex_money=check' for example https://example.com/?yandex_money=check
RewriteEngine On
# Force HTTPS for /(cart|checkout|my-account|product-category|shop|product)
RewriteCond %{HTTPS} !=on
RewriteCond %{THE_REQUEST} ^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product) [NC]
RewriteRule ^(cart|checkout|my-account|product-category|shop|product) https://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]
# Force HTTP for anything which isn't /(cart|checkout|my-account|product-category|shop|product)
RewriteCond %{HTTPS} =on
RewriteCond %{THE_REQUEST} !^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product) [NC]
RewriteRule !^(cart|checkout|my-account|product-category|shop|product) http://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]
So the solution is
adding RewriteCond about %{REQUEST_URI} with [OR]
replace RewriteRule [L] with RewriteRule [N] and RewriteRule [L].
[N] key allows to check Next RewriteRule
[L] last is RewriteRule.
fixed .htaccess file:
RewriteEngine On
# RewriteCond %{HTTPS} on
# RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Force HTTPS for /(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) GET[yandex_money]
RewriteCond %{THE_REQUEST} ^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) [OR,NC]
#RewriteCond %{QUERY_STRING} ^yandex_money=check [NC]
RewriteCond %{HTTPS} !=on
RewriteRule ^(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) https://%{HTTP_HOST}%{REQUEST_URI}?%{QUERY_STRING}[NC,R=301,N]
RewriteRule ^(yandex_money) https://%{HTTP_HOST}%{REQUEST_URI}?%{QUERY_STRING}[NC,R=301,L]
# Force HTTP for anything which isn't /(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login)
RewriteCond %{HTTPS} =on
RewriteCond %{THE_REQUEST} !^[A-Z]+\s/(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) [NC]
RewriteCond %{QUERY_STRING} !^yandex_money=check [NC]
RewriteRule !^(cart|checkout|my-account|product-category|shop|product|wp-admin|wp-login) http://%{HTTP_HOST}%{REQUEST_URI}?%{QUERY_STRING}

Force HTTPS for only a couple URLs?

I have tried every single thing I've come across to get only 2 specific URLs to redirect to https. NOTHING has worked. Here's what I have right now in .htaccess
RewriteCond %{REQUEST_FILENAME} topdeal(.*)
RewriteCond %{REQUEST_FILENAME} watchstore(.*)
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule .? https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Try this rule with THE_REQUEST variable instead of REQUEST_FILENAME:
RewriteCond %{THE_REQUEST} watchstore|topdeal [NC]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
You can use the following in your .htaccess file. What the below does is force everything to HTTP except for the directories watchstore and topdeal. Both are forced to HTTPs.
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteCond %{REQUEST_URI} ^\/(watchstore|topdeal)
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]
RewriteCond %{HTTP:X-Forwarded-SSL} =on
RewriteCond %{REQUEST_URI} !^\/(watchstore|topdeal)
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]
Make sure you clear your cache before testing this.
EDIT:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^\/(watchstore|topdeal)
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^\/(watchstore|topdeal)
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]

Force HTTPS on all pages except one

I have a WordPress site that I want fully secured using SSL, with the exception of one page (it has a third party script who will not serve over SSL - let's say it's called /booking/), I also want all URL's redirected to the www version.
I've seen similar answers for the other way around, but not this specific use case.
Is this achievable using .htaccess?
Edit:
Here is my .htaccess file:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# BEGIN Custom
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^00\.00\.00\.00
RewriteRule (.*) https://www.mysite.co.uk/$1 [R=301,L]
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{HTTPS} off
RewriteRule ^((?!online-booking).*) https://www.mysite.co.uk/$1 [NC,L,R,NE]
</IfModule>
# END Custom
*real IP replaced with zeros, this is to redirect the server IP to the actual website.
This code is for the page being at mysite.co.uk/online-booking/
Have it this way:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^00\.00\.00\.00
RewriteRule ^ https://www.mysite.co.uk%{REQUEST_URI} [R=301,L,NE]
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} /online-booking [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ http://www.%1%{REQUEST_URI} [L,R=302,NE]
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/online-booking [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,R=302,NE]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=302,NE]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
And make sure to test it after clearing your browser cache.
This should work :
RewriteEngine on
#--Redirect non-www or http requests excluding "/booking" to https--#
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{HTTPS} off
RewriteRule ^((?!booking).*) https://www.example.com/$1 [NC,L,R,NE]

Using multiple URLs inside htaccess RewriteCond

I'm using the following code inside my .htaccess file to prevent certain URL from being served from https. How can I modify this code to include additional URLs? For example, I don't want the about page to load from https either. Adding an extra line similar to the careers link didn't work.
<IfModule mod_rewrite.c>
RewriteEngine On
# Go to https if not on careers
RewriteCond %{SERVER_PORT} =80
RewriteCond %{THE_REQUEST} !/careers/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} !/capital/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} !/summer/[\s?] [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
# Go to http if you are on careers
RewriteCond %{SERVER_PORT} !=80
RewriteCond %{THE_REQUEST} /careers/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} /capital/[\s?] [NC,OR]
RewriteCond %{THE_REQUEST} /summer/[\s?] [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
</IfModule>
Better use regex alternation and minimize your code:
<IfModule mod_rewrite.c>
RewriteEngine On
# Go to https if not on careers
RewriteCond %{SERVER_PORT} =80
RewriteCond %{THE_REQUEST} !/(careers|capital|summer)/[\s?] [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
# Go to http if you are on careers
RewriteCond %{SERVER_PORT} !=80
RewriteCond %{THE_REQUEST} /(careers|capital|summer)/[\s?] [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
</IfModule>

Rewrite all to https with htaccess and Magento

We want to redirect every page in Magento to https. We know how to change this in Magento, but we do not know how to do this in our current htaccess? For more information, please see our current htaccess file below, stripped from unnecessary comments.
Current htaccess:
RewriteEngine on
Options +FollowSymLinks
RewriteBase /
DirectoryIndex index.php
RewriteCond %{HTTP_USER_AGENT} libwww-perl.*
RewriteRule .* – [F,L]
RewriteCond %{THE_REQUEST} \s+/index\.php [NC]
RewriteRule ^(.*?)index\.php$ /$1? [L,R=301,NC,NE]
RewriteRule ^api/rest api.php?type=rest [QSA,L]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* - [L,R=405]
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
RewriteRule ^home/?$ /? [R=301,L,NC]
# ADD WWW TO NONE WWW FOR BOTH HTTPS AND NONE HTTPS
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#REDIRECT ALL .HTML FILES AND ALL .HTML/ FILES WITH TRAILING SLASH
RewriteRule ^google[0-9a-f]+.html$ - [L]
RewriteRule (.+)\.html$ /$1/ [L,R=301]
RewriteRule (.+)\.html\/$ /$1/ [L,R=301]
# ADD TRAILING SLASH
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
# TRAILING SLASH CHECK
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ $1/ [L,R=301]
#CHECK IF REDIRECT POINTS TO A VALID FILE
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
#REWRITE EVERYTHING ELSE TO INDEX.PHP
RewriteRule .* index.php [L]
Solved by adding:
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
Add the below code
RewriteEngine on
after
RewriteCond %{HTTPS} on
RewriteRule ^$ https://%{HTTP_HOST} [L,R]
And goto admin>SYStem>configuration>General>Web>
change all secure url and unsecure to https:
ex: