ERR_TOO_MANY_REDIRECTS from htacces - .htaccess

I change the .htaccess file and I added this:
RewriteCond %{HTTPS} !on
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
but when I try to access the page, it gives me this error:
ERR_TOO_MANY_REDIRECTS
I cleared all my cache and cookies, I tried it with another browser, and it didn't work.
Please help me

It appears that some versions of the apache http servers ssl module do not set the %{HTTPS} variable, quite in contrast to what the documentation claims. Have a try using this alternative:
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,QSA]
And a general hint: you should always prefer to place such rules inside the http servers (virtual) host configuration instead of using dynamic configuration files (.htaccess style files). Those files are notoriously error prone, hard to debug and they really slow down the server. They are only provided as a last option for situations where you do not have control over the host configuration (read: really cheap hosting service providers) or if you have an application that relies on writing its own rewrite rules (which is an obvious security nightmare).

Add RewriteEngine On to your first line, vai parecer assim:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Last line you could change to something like:
RewriteRule ^(.*)$ https://www.example.com/$1
Where https://www.website.com add your own domain.
That should send you on the right way

Related

Running 2 drupal sites from 2 different subfolders using .htaccess

I have a domain example.com for which I have created two fully separate drupal 8 setup. These two different setups are in two different subfolders under the root, namely, build1 and build2.
A. I want to translate any url to https automatically.
B. I want to add www to any url that does not have www, automatically.
C. When a user accesses the url example.com, I want the request to redirect and open the drupal site that is in the subfolder build1 without revealing build1 subfolder name in the url.
I have achieved A, B, and C by using the following in .htaccess in the root folder.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ build1/$1 [L]
My next objective, which I am struggling is, to add instruction in .htaccess so that when I type in example.com/build2 or www.example.com/build2, it opens up the drupal setup that is in build2.
I have tried for a while but no luck.
Thanks in advance .... Mic
You need to add an exception before the general catch all rule, so further up in your distributed configuration file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,END]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,END]
RewriteRule ^/?build2 - [END]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ build1/%{REQUEST_URI} [END]
Depending on the rest of your setup (which is unclear here) you may need to protect requests to existing folders first before rewriting into those applications. Depends, as written...
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,END]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,END]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ - [END]
RewriteRule ^/?build2 - [END]
RewriteRule ^ build1/%{REQUEST_URI} [END]
It is a good idea to start out with a 302 temporary redirection and only change that to a 301 permanent redirection later, once you are certain everything is correctly set up. That prevents caching issues while trying things out...
In case you receive an internal server error (http status 500) using the rule above then chances are that you operate a very old version of the apache http server. You will see a definite hint to an unsupported [END] flag in your http servers error log file in that case. You can either try to upgrade or use the older [L] flag, it probably will work the same in this situation, though that depends a bit on your setup.
This implementation will work likewise in the http servers host configuration or inside a distributed configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a distributed configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using distributed configuration files (".htaccess"). Those distributed configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).

.htaccess RewriteEngine rules separation

Hello Stackoverflow community, I am currently writing my .htaccess file and wondering, which is the best way to combine Rewrite Engine rules.
For example, my .htaccess file right now consists of the following code:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
ErrorDocument 404 /404.html
I want to add the Removing Extension code (for .html):
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC,L]
As well as the index.html removable code:
RewriteCond %{REQUEST_URI} index\.html
RewriteRule ^(.*)index\.html$ /$1/ [R=301,L]
Which is the appropriate order to type them and how should the final .htaccess file code look like?
Thanks in advance!
I'd say that this is roughly what you are looking for:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}.html -f
RewriteRule ^/?([^\.]+)$ $1.html [END]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^/?(.+)/?$ /$1/index.html [END]
RewriteRule ^/?(.+/)index\.html$ /$1 [R=301]
ErrorDocument 404 /404.html
You may have to tweek things a little, your question is vague in a few points.
In case you receive an internal server error (http status 500) using the rule above then chances are that you operate a very old version of the apache http server. You will see a definite hint to an unsupported [END] flag in your http servers error log file in that case. You can either try to upgrade or use the older [L] flag, it probably will work the same in this situation, though that depends a bit on your setup.
This rule will work likewise in the http servers host configuration or inside a dynamic configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a dynamic configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using dynamic configuration files (".htaccess"). Those dynamic configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).

.htaccess redirect example.com to example.com/admin_panel

I want to redirect from "example.com", "www.example.com", "example2.com" and "www.example2.com" to "https://example.com/admin_panel/", i tried this:
Options -Indexes
Options +FollowSymLinks
RewriteEngine On
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{THE_REQUEST} ^www.example2.eu/index\.php
RewriteCond %{THE_REQUEST} ^www.example.eu/index\.php [OR]
RewriteCond %{THE_REQUEST} ^example2.eu/index\.php [OR]
RewriteCond %{THE_REQUEST} ^example.eu/index\.php [OR]
RewriteRule ^(.*)$ http://www.example.eu/admin_panel/index\.php$1 [L,R=301]
</IfModule>
but it does not work
Your question is vague, since it contains contradictions. For example it is unclear how you want to treat the paths in the requests. Is /index.php a requirement for the rewriting to get applied or not?
Given that little and vague information I can only point you into the rough direction:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example2\.eu$ [OR]
RewriteCond %{HTTP_HOST} ^example2\.eu$ [OR]
RewriteCond %{HTTP_HOST} ^example\.eu$
RewriteRule ^/?(.*)$ http://www.example.eu/admin_panel/$1 [R=301]
RewriteCond %{HTTP_HOST} ^www\.example\.eu$
RewriteCond %{THE_REQUEST} !^/admin_panel
RewriteRule ^/?(.*)$ http://www.example.eu/admin_panel/$1 [R=301]
Note that I removed the condition testing for the host name "www.example.eu" since it would lead to an endless rewriting rule.
The given code snippet is only meant as a starting point. It should work, but I did not test it myself. It should work likewise from the http servers host configuration or inside dynamic configuration files (".htaccess").
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using dynamic configuration files (".htaccess"). Those dynamic configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).

htaccess - redirect to new domain and subfolder

even there are tons of articles about that problem i can not get this to work.
My situation is like this:
From one Domain e.g. english-domain.com i want a rewrite to the another domain into a specific directory e.g. german-domain.de/en. And each of these domains contains a hyphen. The typical generators are sadly not providing me with a working solution.For example the following code does not work
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www.)?english-domain\.com [NC]
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^(.*)$ german-domain.de/en/$1 [R=301,L]
It would be very thankful if you guys could point me to correct direction.
Thank you
What about this simply modified version?
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www.)?english-domain\.com$ [NC]
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^(.*)$ https://german-domain.de/en/$1 [R=301,L]
I wonder though if that second RewriteCond you coded really is what you want. It will limit the rewriting to only the specific URL https://english-domain.com/, not to URLs having more than just the base / as path component... If you want to rewrite all URLs in that host, so for example also https://english-domain.com/foo/bar, then you need to remove that condition:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www.)?english-domain\.com$ [NC]
RewriteRule ^(.*)$ https://german-domain.de/en/$1 [R=301,L]
Oh, and obviously you have to make sure that the interpretation of htaccess style files is enabled at all and the rewrite module is installed.
And a general hint: you should always prefer to place such rules inside the http servers host configuration instead of using .htaccess style files. Those files are notoriously error prone, hard to debug and they really slow down the server. They are only provided as a last option for situations where you do not have control over the host configuration (read: really cheap hosting service providers) or if you have an application that relies on writing its own rewrite rules (which is an obvious security nightmare).

Need to redirect all traffic to https

I want to redirect any traffic that goes to http://example.com to https://example.com
same for http://example.com/about to https://example.com/about
I thought it would be something like this:
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
This works for me:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
If the traffic is coming in over non-SSL HTTP, then redirect to the HTTP equivalent of whatever page the user was originally trying to access. It also doesn't involve any mod_rewrite options, so it's easy to read.
Side rant: why does everyone feel the need to explicitly set the HTTP code of the redirect and mark one of their rewrites as the "last" one? Seriously, I've seen dozens of same-looking htaccess rules in just the last few days.
This is a previous answer using .httaccess but adding changes proposed in the comments, and some from me:
RewriteEngine on
RewriteBase /
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://my.domain.name%{REQUEST_URI} [L,R=301]
Notes:
This is for the cases where user doesn't have access to main configuration, but has access to .htaccess rules. If you have access to main configuration, use mod_alias solution instead.
For me the rule was not picked up without defining RewriteBase. Explicitly defining it gets rid of ambiguity with some server setups.
At least on some configurations, %{HTTPS} is not set to off when using http, but is null, so !on is more reliable rule than off.
For explicit host name, you don't rely on client side Host header or server configuration. However, explicit host name natually assumes there is only one domain to redirect. Host header poses some considerable problems, such as containing port and being client-supplied data. Another alternative, as suggested by Apache Wiki, is to use %{SERVER_NAME}. If you consider using that, check out caveat from this discussion - it relies on other configuration being correct.
R=301 means it's permanent redirect, as it's usually meant to be in this case. If you instead think it's temporary, that can be left out or specified as R=302.
L means it's last rule to be applied for this request. Leave it if you suspect or know there are other rules after this that you don't want to get applied. You can remove if this is the only rule of the file.
According to the Apache documentation, using mod_alias is more appropriate than mod_rewrite for this task. That is, in order to redirect all HTTP traffic to HTTPS, one would:
<VirtualHost *:80>
ServerName www.example.com
Redirect permanent / https://www.example.com/
</VirtualHost >
<VirtualHost *:443>
ServerName www.example.com
# ... SSL configuration goes here
</VirtualHost >
Two things to note about this configuration:
You need access to the main server configuration file in order for this configuration to work. The VirtualHost directive is only valid in the "server config" context.
Keep in mind that mod_rewrite directives are processed before mod_alias directives. If you've already got a massive block of RewriteRules in your .htaccess file, you might be better off with the mod_rewrite configuration.
why not just plain and simple?
rewriteCond %{HTTPS} !on
rewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
it has worked to me, and seems to me clear. Cheers.
Working in all conditions is:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
<IfModule>
After some research this what worked for me, a bit different version.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Resources