I have a problem with our site after reinstalling the SSL certificate, where the www version of the site (www.mountainx.com) pulls up a completely different site. if you enter the non-www version (mountainx.com), it goes to the correct website. Some of the rules in my .HTAccess file are here - Any help would be appreciated or at least I would like to get a discussion going -
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
Also I have a certain number of proxy redirects that are not working either after the SSL change and I had to redirect them to the original hosts. To clarify, we use a third party to host our calendar but want to obscure the URL so it looks like we are still hosting the files. When the SSL certificate was installed, it suddenly started throwing up a 503 error so we agreed to change to the original URL hosted remotely. Also any good tutorials on .htaccess file out there? They seem to be pretty few and far between.
Related
On my web I am using HTTPS connection and in my .htaccess I specified the redirect from http to https like this:
RewriteCond %{HTTP:HTTPS} !on [OR]
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) https://www.example.com/$1 [R=301,QSA,L]
This is working fine, so if someone enters the page with http, it will redirect to https.
But I want to exclude from this redirect one specific folder, let's say 'application'.
If I put it above the statement, the Rewriterule will redirect it. If I put it after, then the web is already redirected to https and I don't want to call redirect to http again.
So how can I exclude one folder?
The reason is, I have very often a TLS handshake taking more than 30 seconds on my web.
And the files in that application folders are API php files, which are only called from my mobile app, so they will never be shown in browser.
As there are serious connection issues from mobile app due to TLS problems, I want to call these files via http only to avoid TLS connection. I don't care about security in these files, however I want to keep the rest of my web with https.
Well, I think I found some solution. I used that folder as an exception via !application:
RewriteCond %{HTTPS} !on
RewriteCond %{THE_REQUEST} !application [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Still testing, but seems working fine. Hope I am doing it the right way.
i have just installed my SSL wich i have bought on transip.nl
When i take a look at the website which i have installed for it looks like its not going well.
i have checked : https://www.sslshopper.com/ssl-checker.html#hostname=sloffenenpantoffels.nl
Looks fine but its not. there is no safe logo and he is still telling its an unscure connection.
When i check the URL its HTTP and not HTTPS.
Webshops is build in a magento multistore.
I have made own domain and selected his own IP for the SSL. I pointed the root folder to the folder from the main domain of the multistore.
In my htaccess file there is a rule:
RewriteCond %{HTTP_HOST} ^(.*)sloffenenpantoffels.nl
RewriteRule ^ - [E=MAGE_RUN_CODE:ditwiljehebben]
I hope that anyone can help me out here.
To force SSL just use the following:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
I have searched the site and thought I may have found code I could use for my issue, but it did not work.
I want to redirect my primary domain http to https (also including any form of url typed www. without www., http://www, http://, and even just the domain name without www or http before it), while Also not effecting my other domain that is sharing the same hosting within my primary directory (as the SSL I have only used for primary domain, but not used on other domains).
At current, I had code to make the redirect for my primary to https, but it would then make my other domain on same hosting account, also redirect to https.
Then I found code to not effect the other domain and not to redirect to https, but then it effected my primary domain to NOT redirect to https either, it would only redirect to https if with www. or http but would not redirect without the www.
This has been very frustrating because I am VERY new to attempting this type of code, so I don't have a clue what I am doing and could surely use the help. My Godaddy hosting would not help but give link to basic redirect code which does not help for other domains sharing hosting, nor did it work for typing domain without www etc. I hope this made sense.
Thank you in advance.
EDITED possible FIX:
Ok, my code might look a bit wonky and I'm sure it may need cleaning up and possible repetitive stuff removed, but this is what I just patched together from other code offerings I've found on this site, along with others I've found elsewhere and I think it might be working. I'm sure there is a cleaner way to format this, but at current it seems to be working.
# redirect http to https Domain
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www.yoursite.com [OR,NC]
RewriteCond %{HTTP_HOST} yoursite.com
RewriteRule (.*) https://yoursite.com/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www.yoursite.com [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]
# redirect to http subdomain
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^((?!www).+\.yoursite\.com)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
I am trying to force HTTPS on a domain. It must be done using a method that works by domain name and not port number (due to host structure/setup).
My closest attempt was:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^mydomain.com$
RewriteRule ^.*$ https://www.mydomain.com/$1 [R=301,L]
This works when typing "mydomain.com" into the address bar, automatically redirecting to "https://mydomain.com" but when I type "www.mydomain.com" it does not work. I assume it is a syntax issue as I am very new to htaccess and have spent about 4 hours trying to create a solution from other's code.
Any chance of a pointer?
To make the setup a little more understandable.
/public_html/ - All files in this folder relate to www.mydomain.com
/public_html/subfolder - These folders contain files also relating to mydomain.com
/public_html/subdomain - These folders contain files relating to www.myotherdomain.com
My other domains are subdomains of mydomain.com for to be listed in the cpanel on the host. For example: subdomain.mydomain.com is the same as www.myotherdomain.com.
Hopefully that clears up the structure.
Your redirect happens whenever a request is made to the exact domain mydomain.com (that's what the RewriteCond is testing for). It doesn't apply to any other domains and doesn't detect HTTPS. Use this instead:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www.)?mydomain.com$
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R=301,L]
During development, I used subdomain.domain.com and everything worked.
Moving to live, the files are under www, but I wanted to use domain.com, and that's making certain functionalities not work as follows.
I got a dedicated SSL certificate for domain.com, so I have this in my htaccess, and my SSL works fine:
# Redirect www.domain.com to domain.com
RewriteCond %{HTTP_HOST} ^www.domain.com [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [L,R=301]
However for some reason that breaks some other functionality where a form gets reposted and I can't figure out why. But if I change htaccess to this:
# Redirect domain.com to www.domain.com
RewriteCond %{HTTP_HOST} ^domain.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]
then the broken functionality works, but the SSL doesn't.
Before I go invest in an SSL for www.domain.com, I wanted to check with the experts here to see if there is something simple I can do to my htaccess file to make both scenarios work.
Many thanks in advance!
A visible 301 redirect is losing its POST data. From RFC 2616:
If the 301 status code is received in
response to a request other than GET
or HEAD, the user agent MUST NOT
automatically redirect the request
unless it can be confirmed by the
user, since this might change the
conditions under which the request was
issued.
So, you have to fix the forms, not the .htaccess.