Differences & benefits between HTTPS .htaccess Redirects examples - .htaccess

In the past I've always used the following code to force redirect to https:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I since renewed my hosting and ran into some issues with SSL.
I was advised to use the following:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?coolexample\.com
RewriteRule ^(.*)$ https://www.coolexample.com/$1 [R,L]
As per this guide.
What's the difference here, and are there any benefits to using a specific version?
I've checked similar questions, such as this, but doesn't help with these examples. Thank you.

Related

Forcing HTTPS on All Traffic and All Pages

I have a Codeigniter application which was developed and tested on the normal http. We recently moved to SSL certificate and all page the website doesn't redirect properly in .htaccess.it done only for front page http://grdagrd.com/. but it does not work for other pages: Sonbol Roud dam
How Forcing HTTPS on All Traffic and All Pages for base url https://grdagrd.com/?
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^([\s\S]*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Your thinking was correct to solve the problem, but regex was NOT correct. We need NOT to match everything here, since whole URL itself we need to change to https hence .* will work while rewriting rule. Could you please try following, if you have any other Rules too then keep these rules at very first/starting of .htaccess file. In case RewriteCond %{HTTPS} !on doesn't work then change it to RewriteCond %{HTTPS} off. Please make sure you clear your cache of your browser before you test URLs.
RewriteEngine ON
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L]
With OP's shown .htaccess it could be as follows, its a simple copy/paste from OP's question + my rules combinations, since I am not sure what exactly OP is dealing with other rules(moreover that is outside of focus of the question too).
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\s\S]*)$ /index.php [L,B,QSA]
</IfModule>
After installing an SSL certificate, your website is available over HTTP and HTTPS. However, it’s better to use only the latter because it encrypts and secures your website’s data.
you can see the full tutorial here
https://tutsfx.com/force-https-traffic-using-htaccess/
Forcing HTTPS on All Traffic
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
IMPORTANT: Make sure that the line RewriteEngine On is not repeated twice. In case the line already exists, simply copy the rest of the code without it.

Complete domain redirect (301) - All version to https://example.com

Looking to redirect an entire domain to its https://example.com version for any variants that are requested (http://, https://www., and www.) in the most SEO friendly way possible.
(I am aware that there are a lot of similar Q/A's, but they seem to be specific so I decided to start with a clean post).
I am currently using this:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
But I have been told that the redirect is not 301, and it also does not redirect the https://www. version.
Is there a simple way to do this all in one go?
Thank you in advance!
Take care
You can use a single rule in your site root .htaccess for this:
RewriteEngine On
# remove www and turn on https in same rule
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]
Use a new browser to test the change.

forcing HTTPS with .htaccess resulting in redirect loop

I'm trying to force all users coming to my page access it through https. I have googled a lot and found tons (mostly the same) .htaccess solutions but with all of them I get the "This webpage has a redirect loop Reload" in chrome and similar in firefox.
This is what I have currently in my .htaccess file.
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
link to site.
Can anyone advise what the issue might be because I have no idea.
Thanks
Try this rule:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{SERVER_PORT} =80
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,NE,L]
Just make sure this is very first rule in your .htaccess file.

Force all requests to use https:// and prepend www

I have spent countless hours trying to solve this problem and it's doing my head in. I'm sure that it is very simple but none of the answers I have found either on stackoverflow.com or other sites work for me.
I am using an SSL certificate that is only valid for www.example.com and for a myriad of silly corporate reasons I am stuck with only this certificate.
I would like to force all requests to use SSL and prepend www. to the domain. All of the following domains rewrite correctly:
example.com/
http://example.com/
http://www.example.com/
https://www.example.com/
The domain that is not rewritten and is the one problem I cannot find the answer to anywhere is
https://example.com
It simply spits out the usual "Certificate Is Not Valid" warning.
I have the following code in my .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteCond %{http_host} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
I really hope that somebody has a solution for me because I cannot find the answer anywhere.
This should work:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [L,R=302]
RewriteCond %{HTTPS} =off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NC,R=302,L]
It will check to see if it has www in the url, if it doesn't then it will add it. Then it will check and see if it is https and if it isn't then it will add it.

Mod Rewrite - multiple condition

I have a certain sub-domain which requires an SSL connection for all pages on that subdomain.
This is my current .htaccess script:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
I have a single page on the subdomain which must not have SSL access (causes issues with accessing files on another server without a certificate).
My mod_rewrite knowledge is very limited. I've done a search but can't find what I need.
My question is, the page which must not have https is called 'tutorial.php'. Is there a way to redirect all pages except tutorial.php to https?
I guess in pseudo-code, the RewriteCond would be similar to:
RewriteCond %{SERVER_PORT} 80 AND {WEB_PAGE}!='tutorial.php'
Thanks
Try this:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !/tutorial\.php
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
RewriteCond %{HTTPS} on
RewriteRule ^tutorial\.php$ http://%{HTTP_HOST}/tutorial.php [R,L]

Resources