Forcing HTTPS on All Traffic and All Pages - .htaccess

I have a Codeigniter application which was developed and tested on the normal http. We recently moved to SSL certificate and all page the website doesn't redirect properly in .htaccess.it done only for front page http://grdagrd.com/. but it does not work for other pages: Sonbol Roud dam
How Forcing HTTPS on All Traffic and All Pages for base url https://grdagrd.com/?
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^([\s\S]*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Your thinking was correct to solve the problem, but regex was NOT correct. We need NOT to match everything here, since whole URL itself we need to change to https hence .* will work while rewriting rule. Could you please try following, if you have any other Rules too then keep these rules at very first/starting of .htaccess file. In case RewriteCond %{HTTPS} !on doesn't work then change it to RewriteCond %{HTTPS} off. Please make sure you clear your cache of your browser before you test URLs.
RewriteEngine ON
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L]
With OP's shown .htaccess it could be as follows, its a simple copy/paste from OP's question + my rules combinations, since I am not sure what exactly OP is dealing with other rules(moreover that is outside of focus of the question too).
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\s\S]*)$ /index.php [L,B,QSA]
</IfModule>

After installing an SSL certificate, your website is available over HTTP and HTTPS. However, it’s better to use only the latter because it encrypts and secures your website’s data.
you can see the full tutorial here
https://tutsfx.com/force-https-traffic-using-htaccess/
Forcing HTTPS on All Traffic
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
IMPORTANT: Make sure that the line RewriteEngine On is not repeated twice. In case the line already exists, simply copy the rest of the code without it.

Related

How can I create an exception in .htaccess?

I try to solve folling problem with .htaccess.
I use it to rewrite everything to "https://" and put "www" in front of every url.
Now I want to use a SSL-certificate. To validate it, I put a html-file in a certain folder. I do not want this to be redirected to "www.". How can I create an exception only for this one file?
Thank you very much for helping me with this maybe kind of stupid question.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
You did not provide an example of URL that should not be redirected to https. But here is an example. This is a simplified version of your .htaccess file.
I have combined the https and www redirect in one directive.
Assume your domain name is example.com.
There is a negative condition (note the exclamation mark). If the request URI does not begin with index.html then the rule fails and is not enforced.
So http://example.com/index.html will not be converted to https, but there is one important caveat: in this case the www. will not be added either. I understand this what you want, then we can have a simplified set or rules.
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{REQUEST_URI} !^/index.html
RewriteRule (.*) https://www.example.com/$1 [L,R=301]

why is htaccess file causing too many redirects when trying to redirect to https

I am trying to update my htaccess file to redirect from http to https but I am getting too many redirects. I have never used this type of file before so not sure if doing something very obviously wrong
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .* https://www.xxxx.org.uk%{REQUEST_URI} [L,R=301]
I have had a solution which works for those that face a similar problem in the future.
RewriteEngine On
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

Force www. in URL name through .htaccess

I know that there are a bunch of answers for this question already on this forum and over the internet. But everything I tried is not working for me and I have no clue why. So that's why I'm asking this question.
I'm running a website with ExpressionEngine CMS. To remove index.php from the URL there is a small .htaccess rule which mentioned below and working fine.
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
Everything running fine with this code in the htaccess file. But now I want to force www. in the URL because some AJAX scripts are not working when the URL is without www.. So I found some threads on this forum:
.htaccess - how to force "www." in a generic way?
https://expressionengine.stackexchange.com/questions/9853/site-doesnt-work-with-www-at-the-start-of-the-address/9864#9864
https in htaccess and order of rules (using Expression Engine)
The last has the most clear solution in my opinion so I added this to my .htaccess file.
# Add www.
RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
My .htaccess file now looks like this:
RewriteEngine on
# Add www.
RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
# remove index.php
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
This however give's me a ERR_TOO_MANY_REDIRECTS error.
I tried all other kind of methods but I keep getting this error and I don't know why. Everything I try to force www. through htaccess doesn't work or gives me this error.
What is going on? Is it possible that DNS settings have to do something with this?
You need to change it on Plesk control panel, you access the domain in question and change the non-www to www or set it to none.
The option you look for is located at subscription > Web Hosting Settings > Preferred Domain.
In case you set it to none then you can use the .htaccess rule.

Redirect entire site to https

I want to redirect my entire site, including all subdomains to https.
Will this work?
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
While your code may work alright but I would recommend using %{HTTP_HOST} instead of %{SERVER_NAME}. Please understand the difference between 2 variables. %{SERVER_NAME} is the name of the server as configured in your Apache config but later one is the domain name received in real time in HTTP request. So instead of your code use this:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} Off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
In order to exclude above rule for a particular sub-domain use something like this code:
RewriteCond %{HTTP_HOST} !^sub\.domain\.com$ [NC]
RewriteCond %{HTTPS} Off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Yes, that will work.
The important thing is to make sure that rule is before any routing rules you may have and that no other rules redirect to http://.

.htaccess mod_rewrite redirection between domains

I have two domains, cshen.ca and cshen.net, both point to the same place.
I'm trying to accomplish the following with mod_rewrite:
cshen.net is 301 redirected to cshen.ca
www.cshen.net or www.cshen.ca are both redirected to cshen.ca
the path after the domain is preserved after being redirected, for example www.cshen.net/foo/bar/ would be redirected to cshen.ca/foo/bar/
I've tried a variety of rules, but can't seem to get it to work.
RewriteCond %{HTTP_HOST} ^cshen\.net$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://cshen.ca/$1 [R=301,L]
This accomplishes the first two rules, but redirects everything back to the home page, and does not preserve the rest of the URL.
RewriteCond %{HTTP_HOST} ^cshen\.net$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^/(.*)$ http://cshen.ca/$1 [R=301,L]
Making a small change and adding a slash '/' to the RewriteRule preserves the rest of the URL, but only www.cshen.ca is being redirected. Neither cshen.net nor www.cshen.net are being redirected anywhere.
I've also tried Apache's guide and used this code:
RewriteCond %{HTTP_HOST} !^cshen\.ca [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http://cshen.ca/$1 [L,R]
I thought this would work, since it should redirect any url that isn't cshen.ca, however, like the second piece of code, it does nothing to cshen.net or www.cshen.net.
I've just about ran out of ideas of other things to try. I would appreciate it if someone could help out!
Addendum: in case it matters, I'm using WordPress's pretty URLs, and the rewrite rules for that are:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I've tried putting my rules before and after the WordPress rules (when I put it before I'd of course add RewriteEngine On before my rules), doesn't make any difference.
Thanks!
don't know how to edit, solved by placing the code from apache before WP's
must have forgotten to test this earlier.

Resources