Develop Reference

Getting 500 Internal Server Error instead of 404 Not Found Error

So when I was testing my website which is hosted on Bluehost, I wanted to test out my 404.html which was going well. However, I then noticed that I keep getting the default 500 internal server error from Bluehost when I typed something like this, https://www.example.com/folder/webpage/awdawdasd (basically putting a slash after the webpage name and typing random things). In my htaccess, I made it so that it allows users to visit the website without the .html at the back, i.e. hides the extension in the URL. How can I fix it so that when the user type random things after the html page like shown in the example?
Note that I am using Bluehost's file manager only, i.e. hosting my own html pages on Bluehost that I have coded as part of my assignment, I am not using Wordpress or anything.
Here is my htaccess code,
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
# Prevent user from going to the website's index
Options -Indexes
</IfModule>
## EXPIRES HEADER CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
# Images
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"
# Video
ExpiresByType video/webm "access plus 1 year"
ExpiresByType video/mp4 "access plus 1 year"
ExpiresByType video/mpeg "access plus 1 year"
# Fonts
ExpiresByType font/ttf "access plus 1 year"
ExpiresByType font/otf "access plus 1 year"
ExpiresByType font/woff "access plus 1 year"
ExpiresByType font/woff2 "access plus 1 year"
ExpiresByType application/font-woff "access plus 1 year"
# CSS, JavaScript
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
# Others
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType image/vnd.microsoft.icon "access plus 1 year"
</IfModule>
## REWRITE RULES
<IfModule mod_rewrite.c>
RewriteEngine On
# Redirects user from http to https
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
# Allow browsers to access webpages without .html at the end
RewriteCond %{THE_REQUEST} /([^.]+)\.html [NC]
RewriteRule ^ /%1 [NC,L,R]
# Redirect user to webpage url without .html if they typed .html in the url
RewriteCond %{REQUEST_FILENAME}.html -f
RewriteRule ^ %{REQUEST_URI}.html [NC,L]
# Removes .php extension
RewriteCond %{THE_REQUEST} /([^.]+)\.php [NC]
RewriteRule ^ /%1 [NC,L,R]
# Redirect user to webpage url without .php if they typed .php in the url
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^ %{REQUEST_URI}.php [NC,L]
# Redirect users to the error webpages if user receives a 404 error, etc.
ErrorDocument 401 /errorpages/401
ErrorDocument 403 /errorpages/403
ErrorDocument 404 /errorpages/404
ErrorDocument 500 /errorpages/500
ErrorDocument 502 /errorpages/502
ErrorDocument 503 /errorpages/503
# End of Apache Rewrite Rules
</IfModule>
# php -- END cPanel-generated handler, do not edit
Bluehost 500 Internal Server Error Message Image
Edit: I have contacted Bluehost and was able to deduce that it was not from their side but the problem lies in the code above. I have also edited the apache rewrite code to redirect users if they type in .html at the back.
Update: Managed to find the error logs and it says
/home2/otakuabr/public_html/.htaccess: RewriteRule: bad flag delimiters

how to remove www from domain name and enforce https?

I wan to achieve two things
remove www from domain name
enforce https
i.e.
http:// www.example.org should be redirect to https://example.org
https:// www.example.org should be redirect to https://example.org
UPDATE:
I am currently using following .htaccess rule
<IfModule mod_rewrite.c>
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
</IfModule>
This rule does remove the www from url if present, I redirects the user to https. This happens only when I have www in url. If I access my site with http://exampl.org it doesn't redirect it to https. How can I achieve both?
1) remove www from url
2) enforece https
Here is my htaccess file, I have been trying the mentioned answers but doesn't seems to be working
# ----------------------------------------------------------------------
# Better website experience for IE users
# ----------------------------------------------------------------------
# Force the latest IE version, in various cases when it may fall back to IE7 mode
# github.com/rails/rails/commit/123eb25#commitcomment-118920
# Use ChromeFrame if it's installed for a better experience for the poor IE folk
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=Edge,chrome=1"
# mod_headers can't match by content-type, but we don't want to send this header on *everything*...
<FilesMatch "\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)$" >
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
# ----------------------------------------------------------------------
# CORS-enabled images (#crossorigin)
# ----------------------------------------------------------------------
# Send CORS headers if browsers request them; enabled by default for images.
# developer.mozilla.org/en/CORS_Enabled_Image
# blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
# hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
# wiki.mozilla.org/Security/Reviews/crossoriginAttribute
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
# mod_headers, y u no match by Content-Type?!
<FilesMatch "\.(gif|png|jpe?g|svg|svgz|ico|webp)$">
SetEnvIf Origin ":" IS_CORS
Header set Access-Control-Allow-Origin "*" env=IS_CORS
</FilesMatch>
</IfModule>
</IfModule>
# ----------------------------------------------------------------------
# Webfont access
# ----------------------------------------------------------------------
# Allow access from all domains for webfonts.
# Alternatively you could only whitelist your
# subdomains like "subdomain.example.com".
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
# ----------------------------------------------------------------------
# Proper MIME type for all files
# ----------------------------------------------------------------------
# JavaScript
# Normalize to standard type (it's sniffed in IE anyways)
# tools.ietf.org/html/rfc4329#section-7.2
AddType application/javascript js jsonp
AddType application/json json
# Audio
AddType audio/ogg oga ogg
AddType audio/mp4 m4a f4a f4b
# Video
AddType video/ogg ogv
AddType video/mp4 mp4 m4v f4v f4p
AddType video/webm webm
AddType video/x-flv flv
# SVG
# Required for svg webfonts on iPad
# twitter.com/FontSquirrel/status/14855840545
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
# Webfonts
AddType application/vnd.ms-fontobject eot
AddType application/x-font-ttf ttf ttc
AddType font/opentype otf
AddType application/x-font-woff woff
# Assorted types
AddType image/x-icon ico
AddType image/webp webp
AddType text/cache-manifest appcache manifest
AddType text/x-component htc
AddType application/xml rss atom xml rdf
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-xpinstall xpi
AddType application/octet-stream safariextz
AddType application/x-web-app-manifest+json webapp
AddType text/x-vcard vcf
AddType application/x-shockwave-flash swf
AddType text/vtt vtt
# ----------------------------------------------------------------------
# Gzip compression
# ----------------------------------------------------------------------
<IfModule mod_deflate.c>
# Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
</IfModule>
</IfModule>
# Compress all output labeled with one of the following MIME-types
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
</IfModule>
# ----------------------------------------------------------------------
# Expires headers (for better cache control)
# ----------------------------------------------------------------------
# These are pretty far-future expires headers.
# They assume you control versioning with filename-based cache busting
# Additionally, consider that outdated proxies may miscache
# www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
# If you don't use filenames to version, lower the CSS and JS to something like
# "access plus 1 week".
<IfModule mod_expires.c>
ExpiresActive on
# Perhaps better to whitelist expires rules? Perhaps.
ExpiresDefault "access plus 1 month"
# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Your document html
ExpiresByType text/html "access plus 0 seconds"
# Data
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
# Feed
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"
# Favicon (cannot be renamed)
ExpiresByType image/x-icon "access plus 1 week"
# Media: images, video, audio
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
# HTC files (css3pie)
ExpiresByType text/x-component "access plus 1 month"
# Webfonts
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
# CSS and JavaScript
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
</IfModule>
# ----------------------------------------------------------------------
# ETag removal
# ----------------------------------------------------------------------
# FileETag None is not enough for every server.
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
# Since we're sending far-future expires, we don't need ETags for
# static content.
# developer.yahoo.com/performance/rules.html#etags
FileETag None
# ----------------------------------------------------------------------
# Start rewrite engine
# ----------------------------------------------------------------------
# Turning on the rewrite engine is necessary for the following rules and
# features. FollowSymLinks must be enabled for this to work.
# Some cloud hosting services require RewriteBase to be set: goo.gl/HOcPN
# If using the h5bp in a subdirectory, use `RewriteBase /foo` instead where
# 'foo' is your directory.
# If your web host doesn't allow the FollowSymlinks option, you may need to
# comment it out and use `Options +SymLinksIfOwnerMatch`, but be aware of the
# performance impact: goo.gl/Mluzd
<IfModule mod_rewrite.c>
Options +FollowSymlinks
# Options +SymLinksIfOwnerMatch
RewriteEngine On
# RewriteBase /
</IfModule>
# ----------------------------------------------------------------------
# Suppress or force the "www." at the beginning of URLs
# ----------------------------------------------------------------------
# The same content should never be available under two different URLs -
# especially not with and without "www." at the beginning, since this can cause
# SEO problems (duplicate content). That's why you should choose one of the
# alternatives and redirect the other one.
# By default option 1 (no "www.") is activated.
# no-www.org/faq.php?q=class_b
# If you'd prefer to use option 2, just comment out all option 1 lines
# and uncomment option 2.
# IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
# ----------------------------------------------------------------------
# Option 1:
# Rewrite "www.example.com -> example.com".
#<IfModule mod_rewrite.c>
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
#</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
#RewriteCond %{HTTPS} off [OR]
#RewriteCond %{HTTP:X-Forwarded-SSL} off [OR]
#RewriteCond %{HTTP_HOST} ^www\.
#RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$
#RewriteRule ^ https://%1%{REQUEST_URI} [NE, L, R]
#RewriteCond %{SERVER_PORT} ^80$
#RewriteRule ^(.*)$ https://%{SERVER_NAME} %{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R]
#RewriteCond %{HTTP_HOST} ^(^www\.)
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
#RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
</IfModule>
#<IfModule mod_rewrite.c>
# RewriteEngine On
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
# RewriteCond %{HTTPS} !=on
# RewriteCond %{SERVER_PORT} 80
# RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
#</IfModule>
# ----------------------------------------------------------------------
# Prevent 404 errors for non-existing redirected folders
# ----------------------------------------------------------------------
# without -MultiViews, Apache will give a 404 for a rewrite if a folder of the
# same name does not exist.
# webmasterworld.com/apache/3808792.htm
Options -MultiViews
# ----------------------------------------------------------------------
# Custom 404 page
# ----------------------------------------------------------------------
# You can add custom pages to handle 500 or 403 pretty easily, if you like.
# If you are hosting your site in subdirectory, adjust this accordingly
# e.g. ErrorDocument 404 /subdir/404.html
ErrorDocument 404 /404.html
# ----------------------------------------------------------------------
# UTF-8 encoding
# ----------------------------------------------------------------------
# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset utf-8
# Force UTF-8 for a number of file formats
AddCharset utf-8 .atom .css .js .json .rss .vtt .xml
# ----------------------------------------------------------------------
# A little more security
# ----------------------------------------------------------------------
# To avoid displaying the exact version number of Apache being used, add the
# following to httpd.conf (it will not work in .htaccess):
# ServerTokens Prod
# "-Indexes" will have Apache block users from browsing folders without a
# default document Usually you should leave this activated, because you
# shouldn't allow everybody to surf through every folder on your server (which
# includes rather private places like CMS system folders).
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
# Block access to "hidden" directories or files whose names begin with a
# period. This includes directories used by version control systems such as
# Subversion or Git.
<IfModule mod_rewrite.c>
RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
</IfModule>
# Block access to backup and source files. These files may be left by some
# text/html editors and pose a great security danger, when anyone can access
# them.
<FilesMatch "(\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# Increase cookie security
<IfModule php5_module>
php_value session.cookie_httponly true
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
#<IfModule mod_vhost_alias.c>
# RewriteBase /
#</IfModule>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ app.php [QSA,L]
</IfModule>

try this:
RewriteCond %{HTTPS} !^on [OR]
Rewritecond %{HTTP_HOST} !^example\.com
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]

To remove www and to enforce https you can use the following :
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R]
Option 2, on apache 2.4 you can also use this :
RewriteEngine on
RewriteCond %{REQUEST_SCHEME}#%{HTTP_HOST} ^http#(?:www\.)?(.+)$
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R]

Finally I had this working with following htaccess rules, as mentioned in my comment the rules posted in other answers were not working because of the elastic load balancer in place in my environment. All the HTTPS requests going through the ELB will have the value of X-FORWARDED-PROTO equal to “HTTPS“.
RewriteEngine on
RewriteCond %{HTTP_HOST} www.(.+) [OR,NC]
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteRule ^/?(.*) http s://mydomain.com%{REQUEST_URI} [L,R=301]

How to do .htaccess redirect and HTTP cache for static images in a no-cookie subdomain

We want to do redirects for our site photos from domain.com/images/ to a no-cookie img.domain.com.
Currently, we have images directory in public_html, URLs are:
http://domain.com/images/subfolder-1/title-of-the-image.jpg
http://domain.com/images/subfolder-2/title-of-the-image.jpeg
http://domain.com/images/subfolder-3/title-of-the-image.gif
http://domain.com/images/subfolder-4/title-of-the-image.png
In cPanel, img.domain.com has been set to publi_html/images
We tried to unset cookie and redirect via htaccss. Yet, it does not work.
In htaccess,
AddDefaultCharset UTF-8
## Re-directing
Options +FollowSymlinks -MultiViews
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.)?images\. [NC]
RewriteRule ^(.*)$ http://www.img.domain.com/$1 [L,NE,R=301]
# Expire headers
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 29030400 seconds"
ExpiresByType image/x-icon "access plus 29030400 seconds"
ExpiresByType image/jpeg "access plus 29030400 seconds"
ExpiresByType image/jpg "access plus 29030400 seconds"
ExpiresByType image/png "access plus 29030400 seconds"
ExpiresByType image/gif "access plus 29030400 seconds"
</IfModule>
# Headers
<IfModule mod_headers.c>
<FilesMatch "\\.(ico|jpe?g|png|gif|swf)$">
Header unset Cookie
Header unset Set-Cookie
Header set Cache-Control "max-age=29030400, public"
Header set Last-Modified "Mon, 24 Mar 2014 00:00:00 GMT"
</FilesMatch>
</IfModule>
We wonder what to keep/add/change in the above .htaccess code, which is located inside images directory, or if there are better ways. Thanks!

Add this rule just below RewriteEngine On in /images/.htaccess file:
RewriteCond %{HTTP_HOST} !^(www\.)?images\. [NC]
RewriteRule ^(.*)$ http://www.images.domain.com/$1 [L,NE,R=301]

.htaccess Redirect 301 - Nothing Happens

I want to 301 redirect a couple old URLs
http://www.mysite.com/contact/old-page.php
http://www.mysite.com/contact/another-old-page.php
to this one
http://www.mysite.com/contact/
I'm pretty sure my code is correct, since I have used this on other sites with no problem. I know redirecting is enabled because the non-www to www redirect works just fine. But for some reason this one-off redirect doesn't work; nothing happens at all when I visit the old page, as if I didn't do anything.
Here's the complete .htaccess file:
#Prevent viewing of htaccess
<Files .htaccess>
order allow,deny
deny from all
</Files>
#Enable symbolic links
Options +FollowSymLinks
RewriteEngine On
#Force www version of URL
RewriteCond %{HTTP_HOST} ^mysite\.com [NC]
RewriteRule (.*) http://www.mysite.com/$1 [R=301,L]
#This is the bit that isn't working
Redirect 301 /contact/old-page.php http://www.mysite.com/contact/
Redirect 301 /contact/another-old-page.php http://www.mysite.com/contact/
#Gzip
<ifmodule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/php text/plain text/xml text/css text/javascript application/javascript application/x-javascript
</ifmodule>
#Caching
<ifmodule mod_expires.c>
ExpiresActive On
ExpiresByType image/gif "access 1 month"
ExpiresByType image/png "access 1 month"
ExpiresByType text/css "access 1 week"
ExpiresByType text/javascript "access 1 month"
ExpiresByType application/javascript "access 1 month"
ExpiresByType application/x-javascript "access 1 month"
ExpiresByType image/x-icon "access 1 month"
</ifmodule>

Your redirects look fine, but one possible conflict is that you're using mod_alias (Redirect) and mod_rewrite (RewriteRule) together and the URI passes through both modules and both modules can process them, not independently of each other. And sometimes this causes unexpected results.
Try just using rewrite rules and remove the Redirect statements. Try adding these two redirect rules before your "force www" rule:
RewriteRule ^contact/old-page\.php$ http://www.mysite.com/contact/ [L,R=301]
RewriteRule ^contact/another-old-page\.php$ http://www.mysite.com/contact/ [L,R=301]

Use .htaccess to force www AND https

We have a WP Multisite install with a main site and one sub site.
We just purchased UCC Certificate from Godaddy and wish to secure the entire site with https.
We are looking to:
redirect domain.com to www.domain.com
redirect http://www.domain.com to https://www.domain.com
In other words, force www and https on everything..
I have tried a few modifications to our .htaccess file without success. Seems to cause problems with Google Chrome.
Thanks in advance for any feedback or advice!
S Cranston
Here is my current .htaccess file:
## EXPIRES CACHING ##
<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault "access plus 1 month"
# My favicon
ExpiresByType image/x-icon "access plus 1 year"
# Images
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
# CSS
ExpiresByType text/css "access 1 month"
# Javascript
ExpiresByType application/javascript "access plus 1 year"
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?://(www\.)?(www.simplymusicteachers.com/wp-admin/admin-ajax.php|www.simplymusicteachers.com)$" AccessControlAllowOrigin=$0$1
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
</IfModule>
And here is the file with the additional code added in:
## EXPIRES CACHING ##
<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault "access plus 1 month"
# My favicon
ExpiresByType image/x-icon "access plus 1 year"
# Images
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
# CSS
ExpiresByType text/css "access 1 month"
# Javascript
ExpiresByType application/javascript "access plus 1 year"
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?://(www\.)?(www.simplymusicteachers.com/wp-admin/admin-ajax.php|www.simplymusicteachers.com)$" AccessControlAllowOrigin=$0$1
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
</IfModule>
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
## force HTTPS and www. if any of them are not already present
RewriteCond %{HTTP_HOST} (?!^www\.)^(.+)$ [OR]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=302,L]

Enable mod_rewrite and .htaccess through httpd.conf and then put this code in your .htaccess under DOCUMENT_ROOT directory:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
## force HTTPS and www. if any of them are not already present
RewriteCond %{HTTP_HOST} (?!^www\.)^(.+)$ [OR]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=302,L]
Once you verify it is working fine, replace R=302 to R=301. Avoid using R=301 (Permanent Redirect) while testing your mod_rewrite rules.
EDIT If for some reason lookbehind isn't supported try:
RewriteCond %{HTTP_HOST} ^domain\.com$ [OR]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.domain.com%{REQUEST_URI} [R=302,L]
RewriteCond %{HTTP_HOST} ^sub\.domain\.com$ [OR]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.sub.domain.com%{REQUEST_URI} [R=302,L]