I am trying to write a mod_rewrite rule for my apache server. My requirement is that I have three web applications on a server, out of which all request to HTTP scheme should be redirected to HTTPS.
Here's what I have written :
RewriteEngine On
RewriteCond $1 ^abc$ [NC]
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L,R]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
This doesn't seems to be working fine. I am trying to run application with abc context root to run on HTTP and all other requests to be redirected to HTTPS URL.
Can anyone tell me what am I doing wrong.
I see a couple of problems with your first rule:
The rule probably isn't matching, because the REQUEST_URI is /abc, not abc.
If the rule were matching, you'd have an infinite redirect loop, leading to a 500 Internal Server Error to the client, and a "Redirect limit exceeded" error in your logs. The problem is that the rule target is identical to the original request, so it will enter a redirect loop.
I suggest getting rid of the first rule, and adding the /abc exclusion to the second rule:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/abc$ [NC]
RewriteRule $ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
If you also want to force /abc to be on HTTP and not HTTPS, then you could add a second rule:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/abc$ [NC]
RewriteRule $ http://%{HTTP_HOST}%{REQUEST_URI} [L,R]
Related
I have tried using some rewrite to change my /welcome.php page to http. it is located in the root directory, but what I have done has seemingly forced all pages on my site to http instead of just the one. Here is what I have tried:
RewriteEngine On
#Force remove WWW
RewriteCond %{HTTP_HOST} ^www.w5unt.ga
RewriteRule (.*) http://w5unt.ga/$1 [R=301,L]
#Redirect HTTPS to HTTP
RewriteCond %{HTTP:X-Forwarded-Proto} =https
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
As you can see I am also force removing WWW from all urls at the same time I am trying to force my one page (welcome.php) to be http. I believe the error is in this bit of code
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
However I am not sure how to syntactically correct my issue, any advice?
Try with below I've edited the part of your rule and made a check to exclude welcome.php.
RewriteEngine On
#Force remove WWW
RewriteCond %{HTTP_HOST} ^www.w5unt.ga
RewriteCond %{REQUEST_URI} !^/welcome.php
RewriteRule (.*) https://w5unt.ga/$1 [R=301,L]
I have a domain https://www.demo.com . The problem is that when I put demo.com in my browser, there are 2 redirects occurring in the browser:
http://demo.com > https://demo.com > https://www.demo.com
Screenshot: https://www.screencast.com/t/xcK1labt3
As you can see, the server actually returns 2 redirects, which slows the loading.
Does anyone know a way to put both the HTTP and non-www conversions in one request? So if I put demo.com, then the server just returns https://www.demo.com
Here's my current htaccess:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^demo.com [NC]
RewriteRule ^(.*)$ https://www.demo.com/$1 [L,R=301]
Try appending [OR] to your first RewriteCond:
RewriteCond %{HTTPS} off [OR]
It should help evaluating both conditions, so your RewriteRule can take place, even if only first RewriteCond is false. Not providing the [OR] flag makes it a [AND] by default.
I'm having some trouble getting multiple redirect rules working in an .htaccess file without it causing a redirect chain:
First I want to force HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301]
Then I want to ensure a trailing slash is applied
RewriteCond %{REQUEST_URI} !(/$|\.)
RewriteRule (.*) %{REQUEST_URI}/ [R=301]
However, I want to do these both as ONE redirect. So if a request comes in with:
http://example.com/page
in ONE 301 redirect it should give
https://example.com/page/
I'm using httpstatus.io to test the redirect chains. Many thanks
Try with below,
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !(/$|\.)
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}/ [R=301]
I need to redirect everything to my domain to use https://www and below is the .htaccess I am currently using:
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
It is working but it makes 2 redirects to the browser one if missing the www and the second if missing the secure which is slow of course and may be bad.
What I want or my question is can this be reduced to single redirect rule to make it add both the www and the https in one rule.
This online test tool shows 2 redirects https://varvy.com/tools/ :
Final status code: 200
2 Redirect(s)
http://domain.com
301 redirect
https://domain.com/
https://domain.com/
301 redirect
https://www.domain.com/
Any good optimizations to this code.
You can use:
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
2 rules but never more than one redirection
You can use just 1 single rule
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
non-www to www redirect is not needed here because you want to redirect both versions to https://www .
Clear your browser's cache before testing this.
I'm using .htaccess to make a couple pages on my site secure -- /renew and /renew-result. I have a script that takes the user's inputs from /renew, sends them offsite to complete something, and then they should be returned to /renew-result. This works without the https rewrite rule, but when I try to implement the rule (see below), instead of returning to /renew-result, the user is redirected to /renew.
Here's the relevant part of my .htaccess file:
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^renew https://www.mydomain.com/renew [R,L]
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^renew\-result https://www.mydomain.com/renew-result [R,L]
Thanks in advance for any assistance.
The problem is that /renew-results matches the URL starting with /renew (this is your first rule). There are few ways to bypass this 'problem'..
First (the longest URL to match goes first):
RewriteCond %{HTTPS} off
RewriteRule ^renew-result https://www.mydomain.com/renew-result [R,L]
RewriteCond %{HTTPS} off
RewriteRule ^renew https://www.mydomain.com/renew [R,L]
Second (limit URL to exact match with $ at the end)
RewriteCond %{HTTPS} off
RewriteRule ^renew$ https://www.mydomain.com/renew [R,L]
RewriteCond %{HTTPS} off
RewriteRule ^renew-result$ https://www.mydomain.com/renew-result [R,L]
Third, combination of both cases in one rule. ^renew(-result)?$ matches only /renew or /renew-result capturing -result if it exists in request. While https://www.mydomain.com/renew$1 redirects to https version of /renew or /renew-result if capture presents.
RewriteCond %{HTTPS} off
RewriteRule ^renew(-result)?$ https://www.mydomain.com/renew$1 [R,L]
With out testing, this is something similar to what I have.
RewriteCond %{SERVER_PORT} 80
RewriteRule ^renew https://www.domain.com/renew [L,R=301]