Redirecting to https with wildcard urls (htaccess) - apache

I have the following problem. I have a site where some pages must be redirected to the https-secured equivalent of the link.
I tried several things but in the end it seems that the server ends up in a loop redirecting :(
Now I redirect every page to the https page but that is not what I want to.
This is the code I use right now:
RewriteCond %{http_host} ^www.domain.nl
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://www.domain.nl/$1 [L,R=301]
I would like to have al urls starting with bo- have https.
examples:
http://www.domain.nl/bo-users -> redirects to https://www.domain.nl/bo-users
http://www.domain.nl/bo-groups -> redirects to https://www.domain.nl/bo-groups
but
http://www.domain.nl/about-us -> stays at http://www.domain.nl/about-us
It is clear to me I need some wildcards in the rewrite condition for all urls startin with bo-.
We are using apache on the server.
Hope someone can send me in the right direction.
Thanks,
Frank
Update after the tips from Anubhava.
I current;y have this htaccess but I can't get it working (even when clearing the cache in my browser)
Options +FollowSymlinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www.domain\.nl$ [NC]
RewriteCond %{HTTPS} on
RewriteRule !^bo- http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]
RewriteCond %{HTTP_HOST} ^www.domain\.nl$ [NC]
RewriteCond %{HTTPS} off
RewriteRule ^bo- https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]
#rewrites een url to www.
RewriteCond %{HTTP_HOST} ^[a-z0-9-]+\.[a-z]{2,6}$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$0 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
Hope for some extra help!
Thanks,
Frank
I just opened another call. The initial answer worked fine!

Use this rule:
# force HTTPS for bo- URIs
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.nl$ [NC]
RewriteCond %{HTTPS} off
RewriteRule ^bo- https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]
# force HTTP for non bo- URIs
RewriteCond %{HTTP_HOST} ^www.domain\.nl$ [NC]
RewriteCond %{HTTPS} on
RewriteRule !^bo- http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC,NE]

Related

.htcaccess file assistance needed for canonicalization

My website currently has two version to google, https://www.example.com and a https://example.com This is apparently not good for SEO as its leaking all my seo 'juice' away. I have already told google to use just the www version around 5 weeks ago but come results on google still show the non-www version. I was wondering if anyone could help with my .htaccess to get the redirect right to just www.
The htcaccess file is copied below:
RewriteEngine on
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond $1 !^(blog)
RewriteCond %{HTTP_HOST} ^`.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www.`.com$
RewriteCond %{REQUEST_URI} !public/
RewriteRule (.*) /public/$1 [L]
RewriteRule ^(.+)$ /index.php [L]
For a simple redirect you can use:
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
If you want to also force HTTPS:
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Note: This block goes above the www. rewrite rules to make sure both rules take hold

www and non-www http requests to https://www with full path

I created redirect from non-www and www http request to https and www request that was quite easy. I used following rules in .htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI}$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}$1
But now the problem is when someone enters old non-secure url like domain and project-about.html at the end .htaccess redirect to https but adds request at the end again so the request after the domain look like:
/project-about.htmlproject-about.html
How can I fix it? Thanks
Change it to this:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Use this:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L,NE]
This method removes the need for an extra RewriteRule also, helping to speed up your website.
Make sure you clear your cache before testing this.

Redirect all from http to https except contact page

How do I redirect all pages on a site from https to http except the /contact page which I always want to be redirected to the https domain?
I can redirect all from http to https as follows:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
However, I'm having trouble adding the exception for the contact page which I want to always redirect from http to https
update
I've added the rules as suggested but /contact is now redirecting to /index.php?q=contact.
I'm using ModX which has the rules:
# The Friendly URLs part
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
Why is this conflicting with the new rule to redirect /contact (http) to /contact (https)?
Thanks :)
Use this:
RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} !^\/contact\/
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} \/contact\/
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]
You can try this rules:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/contact$
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^contact$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
You can test your .htaccess file using this online tool (note that it doesn't includes all Apache functionalities and the result might slightly differ from your production server but works well for simple rules).
Try this:-
RewriteEngine On
RewriteBase /
//Turn https on for /page/contact
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/page/contact
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
//Turn https off everthing but /page/contact
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/page/contact
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
The first rule set will make sure the page /page/contact will redirected back to https if they are accessed via http. The second rule set will redirect all page to http that are accessed by https except /page/contact.

Forcing https on the whole site but not on one folder

Could anyone tell me how I can force https on my whole website but not on a single folder or url.
At the moment I have this code:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^thatmysite\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://thatmysite.com/$1 [R,L]
But if I add this second code in the root htaccess to remove https from the /thatsite.com/printing folder, I get a redirect loop because I am forcing on the code http to https and not https to http...
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteCond %{REQUEST_URI} ^\/(printing)
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]
RewriteCond %{HTTP:X-Forwarded-SSL} =on
RewriteCond %{REQUEST_URI} !^\/(printing)
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]
Do you know a way around this please? I have been looking all over the internet and cannot find a single good answer.
Try these 2 rules at top of your .htaccess:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/printing [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} /printing [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I solved this issue by placing this code in an .htaccess file the root folder of the directory that hosts the http site (e.g. public_html)
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/TheFolderYouCanAccessWithoutHttp/
RewriteRule (.*) https://yourdomain.xyz/$1 [R=301,L]

apache rewrite all URLs to HTTPS except for one

I have a website that I'm directing all non SSL traffic to use the https protocol.
I've used
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
This works great, but I need the url
http://www.mywebsite.com/update-db.php
to not follow this rule.
How can I do this?
Here is an example where I need to redirect my downloads for IE8 because it has a bug when using SSL. Just take out the RewriteCond %{HTTP_USER_AGENT} ^(.)MSIE\ 8.(.)$ [NC] and replace viewpdf with your php file in your case.
RewriteEngine On
#Fix for IE8 SSL Bug downloading PDF
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_USER_AGENT} ^(.*)MSIE\ 8\.(.*)$ [NC]
RewriteCond %{REQUEST_URI} ^/(viewpdf.*)$ [NC]
RewriteRule ^/?(viewpdf.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,NC]
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/(viewpdf.*)$ [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L]
Simply just:
RewriteCond %{REQUEST_URI} !^/update-db.php$
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI}