Here is the rewrite rule I am using:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} !^(www.)secure.\ [NC]
RewriteRule (.*) https://secure.%{HTTP_HOST}%{REQUEST_URI} [R,L]
This rule is supposed to be applied if the port is 443 (SSL port) and if the requested domain does not start with secure or www.secure .
Instead, it redirects to secure.secure and then returns a 404 error. Alternatively, if I remove the secure from rewrite rule creating
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} !^(www.)secure.\ [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
I get a too many redirects error.
I admit, I am not a mod_rewrite expert, but I consider myself able to function with referring to the documentation. On this however, I am stumped. Thanks!
The grouping (www.) is not conditional. This should be something like (www.)?.
http://httpd.apache.org/docs/current/rewrite/intro.html for more extensive documentation.
Related
I'm having trouble coming up with the proper syntax to accomplish both forcing the SSL and no WWW.
EDIT
I've been able to accomplish each task separately but when combining the two i find myself stuck in a redirection loop.
working syntax to force no WWW:
RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) http://domain.com/$1 [R=301,L]
My attempt to force no WWW and SSL
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) https://domain.com/$1 [R=301,L]
Thanks for any suggestions!
For SSL you could use something like:
Redirect / https://domain.com/
Place this only in the section of your virtual host you configure for HTTP, not HTTPS, to not run clients into endless loops.
Here's what I'm using on one of my sites - it seems to work a little better than most of the other methods I've seen:
# The code below tells apache to always require secure (ssl/tls) connections
# to the website. If a client tries connecting over port 80 (http://),
# then the client will be redirected to https:// (over port 443).
RewriteCond %{REMOTE_ADDR} !127\.0\.0\.0
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
For the no-www rule, check out the .htaccess files on any open-source CMS, like Drupal or Wordpress, to see some of the best practices.
By 'no WWW' I assume you mean you want to remove any 'WWW.' prefix of the hostname? Try this:
RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)" [NC]
RewriteCond "%{HTTPS}" "=on"
RewriteRule "(.*)" "https://%1$1" [R=301,L]
If you're doing this in a .htaccess file, change that last line to
RewriteRule "(.*)" "https://%1/$1" [R=301,L]
If you want to be able to remove the 'WWW.' prefix regardless of SSL-ness or not, try this:
RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)" [NC]
RewriteCond "%{HTTPS}" "=on"
RewriteRule "(.*)" "https://%1/$1" [R=301,L]
RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)" [NC]
RewriteRule "(.*)" "http://%1/$1" [R=301,L]
I found this to work for a couple of my client sites:
# Force SSL
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule (.*) https://%1%{REQUEST_URI} [L,R=301]
# Rewrite all http to https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
I'm running a server with multiple vhosts and phpMyadmin is set up as an alias which can be access via anydomain.com/phpmyadmin. I would like to use an .htaccess redirect rule so that if phpmyadmin is NOT accessed on the server-admin-url, the visitor is redirected to, say, Google.
The correct URL would be: https://server.domain.com:9090/phpmyadmin
Could anyone help me, please?
Thanks!
The easiest way you can do this
RewriteEngine On
RewriteCond %{HTTP_HOST} !^server.domain.com$ [NC]
RewriteRule ^(.*)$ http://www.google.com/$1 [L,R]
Maybe you want also check the port, then use
RewriteCond %{SERVER_PORT} !^9090$ [OR]
RewriteCond %{HTTP_HOST} !^server.domain.com$ [NC]
RewriteRule ^(.*)$ http://www.google.com/$1 [L,R]
Update
Reading again your question I see you're also trying to switch from http to https.
I suggest to add a check if https is off:
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} !^server.domain.com$ [NC]
RewriteRule ^(.*)$ http://www.google.com/$1 [L,R]
If your VirtualHost is configured with https you should pay particular attention to how VirtualHost matching works
Hello i try to redirect all my top level domains to another one and this is already working but i also want to force https. With the following code it is working fine for all top level domains such as '.de', '.net' and so on.
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.)?domain\.com$ [NC]
RewriteRule ^(.*) https://domain.com/$1 [R=301,NE,L]
My problem is i also want to force https for my main tld => '.com'
Well, and here we are:
RewriteEngine On
RewriteCond (http://) !^(www\.)?domain\.com$ [NC]
RewriteRule ^(.*) https://domain.com/$1 [R=301,NE,L]
For my bad, this is not working. I get an 'Too many redirects' error. My question is now is it the code/redirection or is there something else wrong maybe with the server configuration of my provider? I noticed the 'Too many redirects' error in any way i tried till now for redirect from 'http://' to 'https://' and i tried so many different ways... .
Try:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^(www\.)?domain\.com$ [NC]
RewriteRule ^(.*) https://domain.com/$1 [R=301,NE,L]
Adds an "or" condition so that it redirects if there's no HTTPS OR if the domain is different.
The (http://) isn't a variable, it's a literal "http://", which will obviously never match ^(www\.)?domain\.com$, which is why that condition is always true.
Since you're using cloudflare, which internally routes requests (that are not HTTPS), you can't use the %{HTTPS} variable, you need to look at the forwarding protocol:
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} !^(www\.)?domain\.com$ [NC]
RewriteRule ^(.*) https://domain.com/$1 [R=301,NE,L]
I'm having trouble coming up with the proper syntax to accomplish both forcing the SSL and no WWW.
EDIT
I've been able to accomplish each task separately but when combining the two i find myself stuck in a redirection loop.
working syntax to force no WWW:
RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) http://domain.com/$1 [R=301,L]
My attempt to force no WWW and SSL
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) https://domain.com/$1 [R=301,L]
Thanks for any suggestions!
For SSL you could use something like:
Redirect / https://domain.com/
Place this only in the section of your virtual host you configure for HTTP, not HTTPS, to not run clients into endless loops.
Here's what I'm using on one of my sites - it seems to work a little better than most of the other methods I've seen:
# The code below tells apache to always require secure (ssl/tls) connections
# to the website. If a client tries connecting over port 80 (http://),
# then the client will be redirected to https:// (over port 443).
RewriteCond %{REMOTE_ADDR} !127\.0\.0\.0
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
For the no-www rule, check out the .htaccess files on any open-source CMS, like Drupal or Wordpress, to see some of the best practices.
By 'no WWW' I assume you mean you want to remove any 'WWW.' prefix of the hostname? Try this:
RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)" [NC]
RewriteCond "%{HTTPS}" "=on"
RewriteRule "(.*)" "https://%1$1" [R=301,L]
If you're doing this in a .htaccess file, change that last line to
RewriteRule "(.*)" "https://%1/$1" [R=301,L]
If you want to be able to remove the 'WWW.' prefix regardless of SSL-ness or not, try this:
RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)" [NC]
RewriteCond "%{HTTPS}" "=on"
RewriteRule "(.*)" "https://%1/$1" [R=301,L]
RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)" [NC]
RewriteRule "(.*)" "http://%1/$1" [R=301,L]
I found this to work for a couple of my client sites:
# Force SSL
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule (.*) https://%1%{REQUEST_URI} [L,R=301]
# Rewrite all http to https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
I have a SSL certificate that is registered to my www domain, but all my urls point to my domain without www.
i tried this sentence:
RewriteRule ^[https://mydomain.org](.*)$ https://www.mydomain.org$1 [R=301,nc]
but for some unknown reason, it also redirects all the calls made to http://mydomain.org as well. i realy cant think of a reason for this
Try this rule:
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L]
But the invalid certificate message won’t go away since the SSL connection is accomplished before HTTP is taking part (since HTTPS is HTTP over SSL/TSL).
Someone should correct me if i'm wrong but i don't think the RewriteRule directive has access to the protocol part of the requested uri. Try this instead:
RewriteCond %{HTTP_HOST} ^https://domain\.com$ [NC]
RewriteRule ^(.*)$ https://www.domain.com/$1 [R=301,L]
How about detecting the server port?
RewriteEngine On
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^(.*)$ https://www.domain.com/$1 [L,R]
so litterally, if you are connecting to https (since you are using port 443) the url will have WWW.