can't force redirection to https - .htaccess

I have a problem with my website at online.net .
I want to force http to use https, but I failed.
In .htacess it didn't do anything when I use th following
RewriteEngine On
RewriteCond %{HTTP_HOST} ^my-website\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://my-website.com/$1 [R,L]
And I get an internal server Error when I try
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
or
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
thanks for any help !

Related

How to redirect all my subdomains to https from http

So i have this code in htaccess:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?mydomain\.no
RewriteRule ^(.*)$ https://www.mydomain.no/ [R,L]
But when i enter a subdomain like (m.mydomain.no) it does not redirect to https, how can i fix this? Thank you
Check this rules, second for http subdomains (non www):
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?mydomain\.no
RewriteRule ^(.*)$ https://www.mydomain.no/ [R,L]
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

301 redirect http to https with www

I have to redirect my domain from http to https. In my htaccess I have already.
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
This snippet redirect everything without "www" to "www".
When I change this to
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
The result is:
http://www.example.com/folder/page.php
becomes
Location => https://www.example.com/folder/page.php
Fine!
https://example.com/folder/page.php
becomes
https://www.example.com/folder/page.php
Fine!
but:
http://example.com/folder/page.php
becomes
Location => https://example.com/folder/page.php
but it has to be
Location => https://www.example.com/folder/page.php
How is it possible to fix this?
I know all of this redirects:
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
but I need only one redirection instead of two 301.
You can use the following rule
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www [OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$
RewriteRule ^ https://www.%1%{RERUEST_URI} [NE,L,R=301]
Clear your browser cache before testing this.
I have found a solution here:
https://webmasters.stackexchange.com/questions/84757/htaccess-redirect-non-www-to-www-with-ssl-https
The second answer by #w3dk is working.
RewriteEngine On
RewriteCond %{SERVER_PORT} !=443 [OR]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
Your site needs to be accessible by both www and non-www over SSL for the .htaccess redirect to trigger.
With letsencrypt its no problem to have this 2 certs.

.htacces redirecting from http to https issue

I have this .htaccess file
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
I want to modify .htaccess, that site always show https in url. I tried
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
this don't work. I tried also
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
but in this case I got This webpage has a redirect loop error..
Help me to configure that please.
The only reason why this code not working
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
this is what the certificate give you cloudflare or something other similar service, when you hasn't direct control to your ssl certificate.
I had such problem with ssl from cloudflare, and I solve that with
RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteRule ^(.*)$ https://domain.com/$1 [L]

htaccess - redirect all pages except checkout to HTTP non-SSL

I'm trying to redirect all traffic to HTTP unless it is our checkout process, in which case I'm trying to redirect it to HTTPS.
I have a Rackspace Cloud Sites setup however the below does not appear to be working. Is there something that I am doing incorrect in the below?
Thanks!
# Use PHP5 Single php.ini as default
AddHandler application/x-httpd-php5s .php
RewriteEngine On
RewriteBase /
#redirect to www
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
#redirect all https traffic to http, unless it is pointed at checkout
RewriteCond %{HTTP:X-Forwarded-SSL} on
RewriteCond %{REQUEST_URI} !^/checkout/?.*$
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
#redirect all http traffic to https, if it is pointed at /checkout
RewriteCond %{HTTP:X-Forwarded-SSL} off
RewriteCond %{REQUEST_URI} ^/checkout/?.*$
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
#Force NON-SSL on a non-checkout directories
RewriteCond %{ENV:HTTPS} on [NC]
RewriteCond %{REQUEST_URI} !^/DIRECTORY/?.*$
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
#Force SSL on a specific directory
RewriteCond %{ENV:HTTPS} !on [NC]
RewriteRule ^DIRECTORY/(.*)$ https://www.example.com/DIRECTORY/$1 [R,L]
Another way:
RewriteCond %{HTTPS} !=on
# change user|cart|admin to folders you want SSL on.
RewriteRule ^/?(user|cart|admin) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} !=off
# change content|category to folders you want SSL off.
RewriteRule ^/?(content|category) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Use this
#redirect all http traffic to https, if it is pointed at /checkout
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_URI} checkout|login
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

Force non-www and https via htaccess

I'm trying to force a user to be redirected to the non-www website, and, force https.
I've got this which sort of work, but doesn't force https, when http is entered.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://site.com\.net/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
Any ideas on what I'm doing wrong?
Try this rule:
RewriteCond %{HTTP_HOST} ^(www\.)(.+) [OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)
RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]
Based on Gumbo's comment : "the TLS/SSL connection is established and certificate is validated before it is handed down to HTTP and the HTTP redirection takes place"
I gave this a try (which seems to work):
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.blahblah.com/$1 [R,L]
RewriteCond %{HTTP_HOST} ^www\.blahblah\.com [NC]
RewriteRule ^(.*)$ https://blahblah.com/$1 [L,R=301]
please tell me if there is something wrong with this approach.
The only set of rules that works for me is the following
# match any URL with www and rewrite it to https without the www
RewriteCond %{HTTP_HOST} ^(www\.)(.*) [NC]
RewriteRule (.*) https://%2%{REQUEST_URI} [R=301,L]
# match non https and redirect to https
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
The order matters, it prevents a third redirect in some cases.
With this code I rediret from http and www and none www to https none www. Just pay attenstion that the place you insert the code in htaccess is important:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

Resources