I have two .htaccess rules one to rewrite https:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
and another to restrict some urls to only be accessible from whitelisted IPs:
RewriteCond %{REQUEST_URI} ^/(index.php/)?admin[NC]
RewriteCond %{HTTP:X-FORWARDED-FOR} !^111.123.456.222
RewriteRule ^(.*)$ https://%{HTTP_HOST}/ [R=302,L]
the second rule works fine by itself but when I add the first both i get the too many redirects error how do i get the first rule to work (on some servers it works properly)?
UPDATE
I am closing this question until I hear from my host if there is something in my server environment that is causing my problem
Ok i confirmed with my hosting service, my problem was i had pound sitting in front of my server (for varnish) :-) . I switched it to haproxy and that is redirecting all my traffic to HTTPS so I don't need anything in the .htaccesss, Thank you
Related
I have recently set up a site "saskatoonwashworld.com" with SSL. I have two issues that I need to resolve...
1) Route all http requests to https (I was able to do this easy enough with code found online)
2) I also have a subdomain "portal.saskatoonwashworld.com" which I want redirected to "https://secure3.washcard.com/AP?CID=65e53149-59e9-4d67-a746-e475aa4bc7be" which is hosted by another site. I want the requests to go here whether or not the user types in http://portal.###, https://portal.###, or just the url without the http(s).
I cannot figure out how to do it as I don't know how to properly code the conditions and rewrites.
I was originally using this code found online for the http to https redirect...but if I'm understanding it correctly, it is using a wildcard to catch "www." and so would ignore/override my "portal." subdomain anyways. But I could be wrong.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://saskatoonwashworld.com/$1 [R=301,L]
Try this rewrites in .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www\.)?portal\.saskatoonwashworld\.com [NC]
RewriteRule (.*) https://secure3.washcard.com/AP?CID=65e53149-59e9-4d67-a746-e475aa4bc7be [R=301,L]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://saskatoonwashworld.com/$1 [L,R=301]
I know guys this question has been asked many times but believe me I have tried all the solutions in the other questions without any results.
As mentioned in the title I want all my http requests to be converted into https requests, and I want to use .htaccess file to do this so this is what I have tried so far:
#https redirect
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ app.php [QSA,L]
But this gives me nothing my site is not being redirected from example.com to https://example.com
What am I missing here ?
As worked out in a lengthy communication via chat the issue was that the redirection rules were coded after (below) other internal redirection rules, so never got applied.
Moving the http to https redirection rules up solved the issue.
We host a number of websites on our server. Our main site, let's call www.domain.com.
Anyway, we noticed that the other sites we host, etc, all point back to our main site (domain.com) when https:// is put in front of their domain. Part of the problem is that these are indexing in Google as well.
I've wondering how I can redirect all these in the htaccess - please help!
Add these rules to the htaccess file in your www.domain.com document root, preferably above any other routing rules that may be there:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com$ [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R]
I've used different codes provided here on other questions' solutions and on the internet. I'm really not savvy with htaccess. Bought and confirmed working SSL Certificate, but I'm new to applying these redirects.
Goal:
I need to rewrite http to https on the following directories.
http://mydomain.com/products-page/checkout
http://mydomain.com/products-page/your-account
http://mydomain.com/wp-login
I'm on shared hosting via Dreamhost. I have a dedicated IP, if that helps.
Initial code I was using recommended to me by a Dreamhost representative:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} wp-login
RewriteRule ^(.*)$ https://mydomain.com/wp-login/$1 [R,L]
Try these rules in the htaccess file in your document root.
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{REQUEST_URI} ^(/wp-login|/products-page/checkout|/products-page/your-account)
RewriteRule ^(.*)$ https://mydomain.com/$1 [R,L]
The first condition checks if the request isn't HTTPS, the second checks if the request starts with either /wp-login, /products-page/checkout, or /products-page/your-account, and if both apply, then the rewrite simply takes the entire URI and redirects to https://.
I am currently using this .htaccess to redirect all the requests for pages with a directory to my index.php
RewriteEngine on
RewriteCond $1 !^(index\.php|cas)
RewriteRule ^(.*)$ /seattle/index.php/$1 [L]
And this works just fine and produces urls that hide the index.php, and I have code in index.php that makes urls clean looking.
But now I need to force pages to connect via ssl, so I tried
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteCond $1 !^(index\.php|cas)
RewriteRule ^(.*)$ https://example.com/seattle/index.php/$1 [L]
and it works to force ssl, but now it also forces the url to include the index.php:
https://example.com/seattle/index.php/pagename
instead of what I want
https://example.com/seattle/pagename
What am I missing?
To change protocol (HTTP -> HTTPS) and/or domain name (www.example.com -> example.com) the proper redirect ("301 Permanent Redirect" or "302 Found/Temp Redirect") is required.
Therefore you cannot combine rewrite and redirect and still showing original URL. It has to be 2 different rules and the one for changing protocol/domain should be listed first. For example:
RewriteEngine on
# force HTTPS for all URLs
RewriteCond %{HTTPS} =off
RewriteRule . https://example.com%{REQUEST_URI} [R=301,L]
# other rewrite rules
RewriteCond $1 !^(index\.php|cas)
RewriteRule ^(.*)$ /seattle/index.php/$1 [L]
The rule I have added will redirect ALL HTTP URLs to HTTPS. If you need only some of them to be redirected -- add appropriate conditions via additional RewriteCond line(s).
The %{HTTPS} is the most common and kind of "proper" way of checking if SSL is ON or OFF (but it is all depending on your specific circumstances and server config). When checking against %{HTTPS} you are safe against situation when your site is running on non-standard port (other than 80). You can use %{SERVER_PORT} =80 instead (will work for majority of cases).
With the above rules the rewrite for http://example.com/seattle/pagename will occur in 2 steps:
301 Redirect to https://example.com/seattle/pagename
Rewrite (internal redirect) to /seattle/index.php/pagename