This is my .htaccess
RewriteEngine on
# If a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Otherwise forward it to index.php
RewriteRule . index.php
RewriteCond %{HTTP_HOST} ^api.example.com [NC]
RewriteRule ^(.*)$ https://www.example.com [L,R=301,NC]
#For api send authorization header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
When I try to post to
https://api.example.com/user/login
it gives me this
Shouldn't it just forward my request to https://www.example.com
I can't figure it out why it won't work.
EDIT:
The problem might be that ssl for https://api.example.com doesn't work
Related
Hi I am use Deployer to deploy a Craft CMS website. The site is symlinked to the directory called 'current'. I am using mod rewrite to remove the /current/public from the url in the document root like so:
RewriteEngine On
RewriteCond %{REQUEST_URI} !current/public/
RewriteRule (.*) /current/public/$1 [L]
And inside the current/public folder there is this htaccess to remove the index.php and create nice urls:
RewriteEngine On
# Send would-be 404 requests to Craft
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(favicon\.ico|apple-touch-icon.*\.png)$ [NC]
RewriteRule (.+) index.php?p=$1 [QSA,L]
Edit - Test
The following works to force HTTPS but I end with urls looking like:
example.com/current/public/about etc
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !=https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
# Send would-be 404 requests to Craft
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(favicon\.ico|apple-touch-icon.*\.png)$ [NC]
RewriteRule (.+) index.php?p=$1 [QSA,L]
How can I adjust this to force the site to always use HTTPS?
This will redirected all http request to https.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www.)?yourdomainname.com
RewriteRule ^(.*)$ https://www.yourdomainname.com/$1 [R,L]
Hope this will help you
The following is what I managed to get working:
RewriteEngine on
RewriteRule ^(.*)$ current/public/$1
RewriteCond %{HTTP:X-Forwarded-Proto} !=https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
I found this code to redirect all HTTP requests to HTTPS.
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://my-domain.com/$1 [R,L]
Works fine locally, but on live causes a browser error - "this page isn't redirecting properly."
I also get the same problem with this code instead:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Anyone know what I'm doing wrong? This is a CodeIgniter site, incidentally.
[EDIT - entire file (minus attempt to force https)]
RewriteEngine on
#favour naked domain over www
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^(.*) http://%1/$1 [R=301,NE,L]
#imgs from Desyn
RewriteRule ^vstk_file\/([^\/]+)/([^\/]+)/(.+) vstk_file.php?store=$1&item=$2&file=$3
#ditch CI index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
#route CSS files through PHP proxy to insert colour vars
RewriteRule (subj-(\w{11})\/)?([^\/]+)\.css$ assets/css/proxy.php?file=$3&subj-id=$2
I'm using .htaccess to redirect
http://www.example.com/foo/
to
http://www.example.com/foo/bar
This is my code:
redirect 301 /foo/ http://www.example.com/foo/bar
However this produces a feedback loop, something like
http://www.example.com/foo/barbarbarbarbarbar etc.
I've tried placing delimiters around it:
redirect 301 ^/foo/$ http://www.example.com/foo/bar
but then the redirect simply doesn't take place. I'm probably missing some very simple point of syntax. Any ideas? Thanks.
EDIT
Here's my (almost) full .htaccess file:
RewriteEngine On
RewriteBase /
# Canonical is www version
RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
#redirect => http unless special page
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/(javascripts|images|library|stylesheets)
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#redirect => https for special pages
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# send to router
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [L]
Have your rules like this:
RewriteEngine On
RewriteBase /
# Canonical is www version
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^ http://www.example.com%{REQUEST_URI} [L,R=301]
#redirect => http unless special page
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} !/(javascripts|images|library|stylesheets)
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#redirect => https for special pages
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTPS} off
RewriteRule !^index\.php$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteRule ^foo/?$ /foo/bar [L,NC,R=301]
# send to router
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [L]
make sure to test this in a new browser or clear your browser cache before testing.
For your information, it really depends on your hosting provider. It may be behind a Load Balancer and you don't have the proper env var set (like HTTPS and others...).
In my case (Infomaniak), nothing actually worked and I got infinite redirect loop.
The right way to do this for Infomaniak is actually explained in their support site:
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://your-domain.com/$1 [R=301,L]
So, always check with your hosting provider. Hopefully they have an article explaining how to do this. Otherwise, just ask the support.
It depends on what is the resource that you want to expose with your redirect.
Is it a file or a directory.
if you would expose a directory under bar you should try :
RedirectMatch 301 ^/foo/ http://www.example.com/foo/bar/
if you would redirect to a file you should use this syntax :
redirect 301 /foo http://www.example.com/foo/bar
you can see this post for more informations
Instead of using redirect, you can use passthrough.
RewriteRule ^/foo$ /foo/bar [PT]
Firstly I implemented a rewrite rule for my REST API on an apache2 server with the following .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-s
RewriteRule ^(.*)$ index.php?rquest=$1 [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*)$ index.php [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -s
RewriteRule ^(.*)$ index.php [QSA,NC,L]
</IfModule>
It worked fine. If I entered e.g. http://mypage.de/REST/SomeRule/12 my index.php in the folder REST/ received the information SomeRule/12.
Now I enabled SSL on my server and I wanted to force the API to use https so I added the following code to my .htaccess file:
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]
Now I receive a page not found error. Can you see the error in the .htaccess file, or must it be somewhere else? I am not that familiar with these files. To create my API I used this tutorial.
With the help of anubhava I found the solution.
When I updated my server to run with https my folder sites-enabled included a new file sites-enabled/default-ssl. In this file I had to set
AllowOverride All
like I already did for the on using http. I addition the correct solution for the .htaccess file was the following:
<IfModule mod_rewrite.c>
RewriteEngine On
#use https
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/%{REQUEST_URI} [L]
#used for api
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-s
RewriteRule ^(.*)$ index.php?rquest=$1 [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*)$ index.php [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -s
RewriteRule ^(.*)$ index.php [QSA,NC,L]
</IfModule>
I was not able to use
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]
because the $1 then was somehow overwritten for the next Rule.
I've tried all the answers to similar stack questions and nothing has worked. I need to redirect all to https://www except for example.com/blogs/* and example.com/page-name.
I currently have this:
RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
RewriteCond %{http_host} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
which redirects everything except for https://example.com, it will NOT add the www.
You can see for yourself at https://moblized.com
RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,L]
RewriteCond %{http_host} ^moblized.com [NC]
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,L]
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} blogs
RewriteRule ^(.*)$ http://moblized.com/blogs/$1 [R,L]
# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
</IfModule>
# $Id: .htaccess,v 1.90.2.4 2009/12/07 12:00:40 goba Exp $
AddHandler php5-script .php
Thank you!
I hope I understood you correctly. You want:
redirect from example.com to www.example.com (except /blogs/ and /page-name)
redirect all pages to HTTPS (except /blogs/ and /page-name)
based on your current .htaccess under /page-name you mean /favicon.ico
Here are the rules for the above requirements -- put them into your .htaccess:
# activate rewrite engine
RewriteEngine On
# don't touch favicon.ico (always accept as is regardless of the domain or protocol)
RewriteRule ^favicon.ico$ - [L]
# don't touch /index.php (usually means already overwritten URL)
# otherwise we may enter into a loop
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^index\.php$ - [L]
# ensure trailing slash is present for /blogs -> /blogs/
RewriteRule ^blogs$ http://mobilized.com/blogs/ [R=301,QSA,L]
# /blogs/ should only be accessible via http://example.com/blogs/
RewriteCond %{HTTP_HOST} !^moblized\.com$ [NC]
RewriteRule ^blogs/(.*)$ http://mobilized.com/blogs/$1 [R=301,QSA,L]
RewriteCond %{HTTP_HOST} ^moblized\.com$ [NC]
RewriteCond %{HTTPS} =on
RewriteRule ^blogs/(.*)$ http://mobilized.com/blogs/$1 [R=301,QSA,L]
RewriteRule ^blogs/.* - [L]
# redirect to www.example.com if necessary
RewriteCond %{HTTP_HOST} ^moblized\.com$ [NC]
RewriteCond %{REQUEST_URI} !=/client-ipad-contest
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,QSA,L]
# redirect to HTTPS if not there already
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !=/client-ipad-contest
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,QSA,L]
# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?q=$1 [L,QSA]
BTW, browser most likely will show "Untrusted Certificate" warning if your customer go to https://example.com. This is because HTTPS session has to be fully established first before the request starts processing by Apache's rewrite module.
If that is problem -- then consider buying another SSL certificate (or from another vendor) which will cover both example.com and www.example.com (GoDaddy does this for sure) or get wildcard certificate which will cover all subdomains -- *.example.com (but this most likely will be much more expensive).
UPDATE: After simulating your requirements locally (sorry, I have no SSL with working Apache, so I have replaced it (in my testing) with different kind of rule/domain name) I have revised and updated the rules.
I've tested these rules locally (all pages are very simple, just include 1 image & css and a bit of text) -- everything looking good. Let me know if something does not work.