I've got a client who recently changed their name. They had an SSL certificate for their site, and I was using mod_rewrite to ensure all requests to domain1.com and www.domain1.com went to https://domain1.com.
Now that they are domain2.com, I'd like everything to go to https://domain2.com. Not so easy, it turns out. I have everything working right except for requests to https://domain1.com. That doesn't get rewritten and it trips the domain mismatch error for the SSL cert.
Here's my rewrite rules:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^domain2\.com$ [NC]
RewriteRule .? https://domain2.com%{REQUEST_URI} [R=301,L]
Any advice you could provide would be greatly appreciated!
Aaron.
You need a SSL certificate including domain1.com and domain2.com (costs more).
Related
My site has a certificate but it's not a wildcard certificate. So it's for example.com, not for *.example.com.
Not a problem I thought, I'll just redirect any visitor to the proper URL through mod_rewrite:
RewriteEngine On
RewriteBase /
# Following two lines to strip machine name
RewriteCond %{HTTP_HOST} !^example.com [NC]
RewriteRule ^(.*)$ https://example.com%{REQUEST_URI} [L,R=301]
# Following two lines make sure the https version is always served
RewriteCond %{HTTPS} off
RewriteRule (.*) https://example.com%{REQUEST_URI} [L,R=301]
Now, the redirect actually works. When someone types in https://www.example.com/page, he will eventually be redirected to https://example.com/page.
But...
The browser first displays a warning that https://www.example.com is insecure. Only when I add an exception, will it be redirected to https://example.com/page which does not give a certificate error...
What am I doing wrong here?
Nothing. SSL negotiation occurs at the transport (TCP) level, not HTTP (even when using SNI) but the point is that the certificate is not valid for the requested domain. When the connection is initiated to www. the browser will request the certificate and compare the url with the CN in the cert and since it isn't there, it'll raise the alert.
To resolve this issue you will need a certificate that includes both ServerName and ServerAlias names. You could maybe try some DNS provider that offers DNS HTTP redirection, but getting a certificate is quite easy this days.
I have tried a zillion variations of .htaccess rewrites and cannot get this to work.
I have a previous HTTPS old-domain.com that I need to forward to new-domain.io. Both are HTTPS but only the new domain has SSL certs on the server. This makes the browser trying to load old-domain.com just spin in the browser.
I already have a DNS forward that works fine ONLY with http, not https. I am thinking that I need to use something like %{HTTP:X-Forwarded-Proto} but not exactly sure how. Nothing has worked so far.
https://old-domain.com
AND https://www.old-domain.com
both need to redirect to https://new-domain.io (along with any URI like/something/this.html)
Something like this looks like it should work, but redirects infinitely.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^old-domain\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.old-domain\.com$
RewriteRule (.*)$ https://new-domain.io/$1 [R=301,L]
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*)$ https://new-domain.io/$1 [R=301,L]
SOLUTION --------
The new domain .htaccess file cannot fix a HTTPS redirected link by itself.
There are two ways to correctly fix it.
Remove DNS forwarding at the old domain DNS. Then make sure there are still valid SSL certs AND put a redirect on its .htaccess file to handle the redirects with something like this:
RewriteEngine On
RewriteCond %{HTTP_HOST} (w*)domain.com$ [NC]
RewriteRule ^ http://newdomain.com%{REQUEST_URI} [L,R=301]
Leave the DNS forwarding of the old domain and add a new multi-domain SSL cert at the new domain which includes BOTH domains. This is tricky because you will have to manually authenticate the old domain because the cert won't be living at the old domain host.
I choose and implemented #1 successfully.
I am trying to have all variations of my root domain 301 (properly) to the https:// version while using CloudFlare w/ Flexible SSL enabled and hosted on an Apache webserver.
My goal is for the following versions to always 301 to https:// domain.tld version ...
http:// domain.tld
http:// www.domain.tld
https:// www.domain.tld
Here is the current code I have...
Options +FollowSymLinks -MultiViews
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"' [NC]
RewriteRule ^ https://domain.tld%{REQUEST_URI} [R=301,L]
Here is the documentation CloudFlare provides for those on "Flexible SSL"; can someone please assist me with this? It will be useful for almost every domain I have w/ CloudFlare enabled. Thanks!
Why aren't you just trying to use the Always Use Https:// option found in your CloudFlare PageRule settings?
I'm trying to do which might be not possible at all.
Let's say I own mydomain.com and have standard (no wildcard) RapidSSL certificate which works for www.mydomain.com and mydomain.com.
I'd like to redirect (.htaccess) subdomain.mydomain.com to mydomain.com/?param=subdomain.
I already managed to redirect it to subdomain.mydomain.com/?param=subdomain but the problem is that on every redirection I get browser warning concerning my certificate which doesn't cover any subdomain.
Is it possible to redirect it without the warning? I need subdomain only for pretty passing the parameter and I don't need it after redirection.
I think you want to capture the subdomain in the URL as shown in the 2nd RewriteCond and then use it as the parameter value:
<IfModule mod_rewrite.c>
Options +FollowSymLinks
Options +Indexes
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !www.mydomain.com$ [NC]
RewriteCond %{HTTP_HOST} ^(www.)?([a-z0-9-]+).mydomain.com [NC]
RewriteRule (.*)?param=%2/$1 [L]
</IfModule>
This is a link to the above solution... http://www.mediacollege.com/internet/server/apache/mod-rewrite/subdomains.html
Hope this helps!
... (no wildcard) RapidSSL certificate which works for www.example.com and example.com .... like to redirect (.htaccess) subdomain.example.com to example.com/?param=subdomain
This is not possible, at least not without warnings about invalid certificates.
The redirection is done within HTTP. But with HTTPS the HTTP layer is embedded inside a SSL layer so that you first have to successfully establish the SSL connection before you can redirect. But to successfully establish the SSL connection you have to have a valid certificate for subdomain.example.com, which you don't have.
I am a little confused over the correct method to redirect/forward a domain alias (sub domain) to a directory on my website using apache.
I want the following domains http://helpdesk.xxxx.com and https://helpdesk.xxxx.com to redirect to https://www.xxxx.com/helpdesk.
I don't have a wildcard SSL cert so I am not sure if using rewrite would be the best method, I just want the server to forward any requests to those Alias on ports 443/80 to correct patch on the server.
Thanks
You can have this rule in root .htaccess:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(helpdesk)\.(.+)$ [NC]
RewriteRule ^ https://www.%2/%1%{REQUEST_URI} [L,R=301,NE]