.htaccess rewriting for custom coded MVC platform - .htaccess

I am trying to write my own MVC platform in PHP for a school project and facing a problem with my .htaccess file. After following several tutorials and reading answers here on Stackoverflow I am still failing at getting it right. Briefly, I am rewriting requests to the root domain to index.php and then calling my router to get the controller and so on, everything is working fine except for one thing, sometimes and for no apparent reason I type a URL like mydomain.com/page and it changes to mydomain.com/index.php?/page
here is the code I have, a colleague has the same code and it is working!
any help will be appreciated. thanks
DirectoryIndex /index.php
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1%{REQUEST_URI} [R=301,QSA,NC,L]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
AddHandler application/x-httpd-php73 .php .php5 .php4 .php3
if i type the www. before the domain name it always goes to /index.php?/

It seems to me that the first RewriteRule gets applied which rewrites the ${REQUEST_URI} variable and then the second RewriteRule applies which performs a redirect on the already rewritten ${REQUEST_URI}. As RewriteCond only ever apply to one RewriteRule you can check the www. and http first:
DirectoryIndex /index.php
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1%{REQUEST_URI} [R=301,QSA,NC,L]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
AddHandler application/x-httpd-php73 .php .php5 .php4 .php3
This will redirect you first before actually rewriting the URL

Related

.htaccess redirecting to index.php

I am having an issue with my .htaccess file. I am using Slim framework and have a number of routes set up that are working fine.
But when you type the webaddress without www. it is redirected to index.php
Example:
https://www.example.com/Route --- Works
www.example.com/Route --- Works
https://example.com/Route redirects to https://www.example.com/index.php
example.com/Route redirects to https://www.example.com/index.php
.htaccress File:
<IfModule mod_rewrite.c>
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]
I am pretty sure it is an issue with the .htaccess file but just cant figure it out.
Any help would be great or pointers.

.htaccess force www and force https for certain path and Concrete5 pretty URLs

edit: This question is now moot as the whole site will be served using HTTPS
My .htaccess is causing a redirect loop.
I need all three sections to work, the purpose of each is in the comment.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Force HTTPS for /book unless dev or already there
RewriteCond %{HTTP_HOST} !^dev\.
RewriteCond %{HTTPS} !^on$
RewriteRule ^book https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Force www prefix unless dev or already there
RewriteCond %{HTTP_HOST} !^dev\.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ %{REQUEST_PROTOCOL}://www.%{HTTP_HOST}/$1 [L,R=301]
# Concrete5 pretty URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule . index.php [L]
</IfModule>
I'm having to work on the live server because the certificate is only valid there (with www. required).
I've tried many variations of the above, but am stumped, so am hoping fresh eyes on this will help, many thanks in advance.
Your 2nd rule isn't looking right as REQUEST_PROTOCOL has value of HTTP/1.1.
You can use this code:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Force HTTPS for /book unless dev or already there
RewriteCond %{HTTP_HOST} !^dev\.
RewriteCond %{HTTPS} !^on$
RewriteRule ^book https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
# Force www prefix unless dev or already there
RewriteCond %{HTTPS}s on(s)|
RewriteCond %{HTTP_HOST} !^(?:www|dev)\. [NC]
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
# Concrete5 pretty URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule . index.php [L]
</IfModule>

Excluding specific pages from HTTPS in mod_rewrite

I am trying to setup a codeigniter app to force HTTPS across all pages except one. However, I cannot get the rules to only redirect if the user is not on the page in question.
The page that should be excluded has the following URL's:
http://mydomain.com/kpi/reports/67
http://mydomain.com/kpi/reports/67/overview/2013-02-01/2013-02-28
http://mydomain.com/index.php?/kpi/reports/67
http://mydomain.com/index.php?/kpi/reports/67/overview/2013-02-01/2013-02-28
The number 67 and the dates can all change in the URL's above hence the user of regular expressions below.
I have tested the regular expressions and they seem to match the URL's fine. However, the htaccess just seems to redirect it to https:// anyway.
My .htaccess file is as follows...
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#Disallow access to system dir
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#Disallow access to application dir
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#Force https when not on overview report
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/index\.php\?/kpi/reports/?([0-9]+)$
RewriteCond %{REQUEST_URI} !^/index\.php\?/kpi/reports/?([0-9]+)/overview/?([0-9]+)-?([0-9]+)-?([0-9]+)/?([0-9]+)-?([0-9]+)-?([0-9]+)$
RewriteCond %{REQUEST_URI} !^/kpi/reports/?([0-9]+)$
RewriteCond %{REQUEST_URI} !^/kpi/reports/?([0-9]+)/overview/?([0-9]+)-?([0-9]+)-?([0-9]+)/?([0-9]+)-?([0-9]+)-?([0-9]+)$
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=302,L]
#If not a valid file, redirect request through index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
Any help would be greatly appreciated!
Maybe this will do what you need:
#Force https when not on overview report
RewriteCond %{HTTPS} off
RewriteCond %{QUERY_STRING} !kpi/reports/[0-9]+/?$ [NC]
RewriteCond %{QUERY_STRING} !kpi/reports/[0-9]+/overview/[^/]+/[^/]+/? [NC]
RewriteCond %{REQUEST_URI} !kpi/reports/[0-9]+/?$ [NC]
RewriteCond %{REQUEST_URI} !kpi/reports/[0-9]+/overview/[^/]+/[^/]+/? [NC]
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=302,L]
#If not a valid file, redirect request through index.php
Replace all lines between the comments.

.htaccess make friendly url

I have a problem with making friendly URL. I need to convert url from http://blabla.eu/stats_details?date=01-2012 to http://blabla.eu/stats_details/01-2012. Other Rewrite rules are working properly beside the last one. What is the problem?
Here is code of .htaccess:
AddDefaultCharset utf-8
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^admin/users/$ /admin/users/view.php [L]
RewriteRule ^admin/loans/$ /admin/loans/view.php [L]
RewriteRule ^stats_details/(.*)$ stats_details.php?date=$1 [L,QSA]
</IfModule>
I think this must to work, try to paste
RewriteEngine On
RewriteBase /
# Removes index.php from ExpressionEngine URLs
RewriteCond %{THE_REQUEST} ^GET.*index\.php [NC]
RewriteCond %{REQUEST_URI} !/system/.* [NC]
RewriteRule (.*?)index\.php/*(.*) /$1$2 [R=301,NE,L]
# Directs all EE web requests through the site index file
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]

Remove www site-wide, force https on certain directories and http on the rest?

Firstly, I would like to remove the www. from my domain name
http://www.example.com => http://example.com
I would also like for certain directories to be secure (https), while the rest remain http
http://example.com/login => https://example.com/login
Obviously it needs to work for all conditions, for example if someone types in:
http://www.example.com/login => https://example.com/login
Also when people navigate away from the login page it returns to http. Currently in the .htaccess is the following which is done automatically by the software I am using and I suppose needs to be there for it to work:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* ./index.php
Any ideas on how I can achieve dream control all these things?
Thanks in advance!
===================
#Gumbo Following your advice this is my complete .htaccess
RewriteEngine On
# remove www from host
RewriteCond %{HTTP_HOST} ^www\.(.+)
RewriteCond %{HTTPS}s/%1 ^(on(s)|offs)/(.+)
RewriteRule ^ http%2://%3%{REQUEST_URI} [L,R=301]
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteRule ^(login)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
RewriteRule !^(login)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* ./index.php
Options -Indexes
Navigating to http://example/login still goes to http://example/index.php when it should go to https://example/login Do I have the order wrong?
Try these rules:
# remove www from host
RewriteCond %{HTTP_HOST} ^www\.(.+)
RewriteCond %{HTTPS}s/%1 ^(on(s)|offs)/(.+)
RewriteRule ^ http%2://%3%{REQUEST_URI} [L,R=301]
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteRule ^(login|foo|bar|…)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
RewriteRule !^(login|foo|bar|…)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
You also might want to add some additional conditions to only change the protocol on GET and HEAD requests but not on POST requests.
This code works for me:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
remove www (tested):
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com$ [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]
redirect (not tested):
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{THE_REQUEST} \/login/?.*\ HTTP [NC]
RewriteRule ^(.*)$ https://yoursite.com/login [L,R=301]
After reading this all post time line i have get success for following error: My website(c4dprime.com) was attached https: in mozilla firefox browser. Google and internet explore are show domain address as http: (The real problem in firefox) I did not want https: for my domain in any browser because one unknow redirect attached with my domain by https: (Cause for this error)after Installing following plugins in wordpress,(Easy redirect for ssl).... I have told to every one do not use any low level plugins for wordpress.
Anyway! After reading many articles and tutorials at this topic via google search engine. Now i am happy to say i have solve this problem from this post tips. Remember one thing about me i am new to in this form and wordpress.
This tip is help full for me
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com$ [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]
After edit or some changes in my .htaccess file following code i have use now with solved this error.
AddHandler c4d-prime .com
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteBase /
RewriteRule ^$ http://www.c4dprime.com/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Resources