I've added a SSL certificate and I've noticed that some images are blocked by the HTTPS.
For example on index I can see all the images but for some reasons on the login page it doesn't show the image.
http://prntscr.com/dnl3jc
But on index it shows the background (the background from the index is the same as the background from the login page)
http://prntscr.com/dnl3qc
That is what I use for HTTPS redirect in .htaccess
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Later edit: I've noticed that only the Register and Login page have the problem.
The problem was that in order for everything to be displayed properly in HTTPS:// every link that's not localy, it doesn't matter if image/symbol etc has to be a HTTPS:// link not a HTTP:// .
Related
I have this Drupal project which inherited several domains, so I have:
www.domain1.com
www.domain1.co.uk
www.domain2.com
www.domain3.com
and I want to redirect all these domain to www.newdomain.com and also want to redirect all requests to https to http as well as redirect all the domains above without www to www.newdomain.com and have tried a few things but it didn't work.
Here's what I've tried:
RewriteCond %{HTTP_HOST} !^www\.newdomain\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/?(.*) http://www.newdomain.com/$1 [L,R,NE]
But with the above, all old domains (domain1.com, domain2.com, etc) gets redirected to www.newdomain.com, however when I hit https://domain1.com for example (it happens with all domains above using http), it shows a blank page. When I hit https://www.domain1.com it shows a warning from using a self signed certificate - meaning it doesn't redirect to http.
I've read on a page somewhere that I should delete these lines from htaccess:
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
But when I did, even the basic redirect that happens now (for instance, from www.domain1.com to www.newdomain.com stops working.
What am I missing here?
Thanks in advance
If https protocol always shows blank page, maybe there is distinct folder for it on your FTP ("httpsdocs" or something like that).
Also you should check your hosting provider's help page for more information about the https protocol and SSL certificate configurations.
I've recently installed on my website a CloudFlare SSL Certificate.
However, when I am trying to force my website over HTTPS, I fail.
I firstly attempted to create a redirect from HTTP to HTTPS from my web host control panel (Hostinger), but apparently, you cannot create a redirect for the same website.
After this, I went to the .htaccess file and edited it, adding the following codes:
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} ^domain\.com$ [NC]
RewriteRule ^.*$ https://www.domain.com%{REQUEST_URI} [R,L]
Error: The broswer does not redirects me to load the domain over HTTPS.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
Error: In Google Chrome I get the following error screen:
This webpage has a redirect loop
ERR_TOO_MANY_REDIRECTS
In Opera, the web page does not load.
I tried to delete my Chrome's cache, but it still didn't work.
Any tips?
You can utilise CloudFlare's page rules. Login to your account, head over to page rules. Click "Create Page Rule".
type in your domain name in the following format: http://example.com/* and add the setting
Always use HTTPS
Then press save and wait 30 seconds.
I have a website where all URLs are rewritten to avoid seeing extensions and the original file name. So, in my htaccess, I have the following:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^example-1$ filename_1.php
RewriteRule ^example-2$ filename_2.php
Now, I also have a few pages that I wanted to be only https and only http. So, let's say I want filename_1 to alwaysbe https and filename_2 to always be http. So, I have the following codes.
RewriteCond %{HTTPS} off
RewriteRule ^(filename_1)\.php$ https://%{HTTP_HOST}%{REQUEST_URI} [L,NC,R]
And
RewriteCond %{HTTPS} on
RewriteRule ^(filename_2))\.php$ http://%{HTTP_HOST}%{REQUEST_URI} [L,NC,R]
This is just and example but I actually have many files affected by those two rules.
Now, I thought it was working great until I noticed that when I am on an https page and I access a non https page, the url changes to show the actual file name. So, if I am on https://www.mywebsite.com/example-1 and I try to access example-2, the url changes to http://www.mywebsite.com/filename_2.php instead of http://www.mywebsite.com/example-2. And the same for going from http to https. (I am keeping it simple in those examples but the problem only arise with pages with variables in the url. Simple ones like www.mywebpage.com/homepage work just fine.)
So, I added this line of code:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/(example-2)/ [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [L,R=301,NE]
So, it worked to go from https to http but then things just got crazy! I get redirect loops at certain https and non https page and I have no clue why! The thing is that I started by adding one page at a time to this new rule. And pages that I haven't even added yet give me some redirect loop. Then I try adding those pages but instead of https on, I used https off and it got even crazier.
So my question is what is a good way to have all the following perform harmoniously:
1. Rewrite all urls to custom ones
2. Having http and https page while keeping the custom urls and avoiding all redirect loops.
Thanks!
For reasons of SEO, I would like to redirect all but one of the pages of my website from https to http. Currently, if you visit the https:// version you are presented with my website and the aforementioned prefix is in the address bar. If you visit the http:// version the https:// prefix is absent. Apparently, as a result, Google treats my site as if it were two identical sites. Not good for SEO.
St.Woland's answer here was very helpful in redirecting almost all the pages of my website from https to http. In fact, it worked like a dream until I tried visiting the one page that needed to have the secure connection.
Before trying his fix, were you to visit the secure basket page the whole page was marked as secure. However, with the recommended .htaccess fix in place, all images and css were flagged as insecure and Chrome refused to load them; the page looked a mess.
It seemed like an article on Best Host Ratings had the solution: add further .htaccess files to the images and css folders and all would be well.
Sadly, this then meant that those pages without the https:// prefix did not load the css or the images.
Please see below the code I put in. Firstly, the .htaccess to redirect all but the basket page from https to http:
RewriteEngine On
RewriteBase /
# Turn SSL on for basket
RewriteCond %{HTTPS} off
RewriteCond %{SCRIPT_FILENAME} \/basket\.php [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
# Turn SSL off everything but basket
RewriteCond %{HTTPS} on
RewriteCond %{SCRIPT_FILENAME} !\/basket\.php [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
Secondly, the .htaccess I placed in the images directory:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} images
RewriteRule ^(.*)$ https://www.domain.com/images/$1 [R,L]
An obvious solution to this situation might be to just redirect the whole site across to the https version. But, placed at the base of all pages except the basket page is script from Google AdWords that places relevant ads across the internet after users have visited my site. This script is flagged as insecure.
Any help with this issue would be most appreciated.
With kind regards,
Mark
I have a page which I'm redirecting using PHP:
header('Location:notices.php');
exit;
Is it possible to hide the page name entirely using .htacess? So instead of the browser showing the URL http://example.com/notices.php, it instead shows http://example.com but in effect it really loadedhttp://example.com/notices.php.
I'm open to any other solution since my goal here is just to not show the actual page being loaded.
EDIT: The browser still loads notices.php (not /index.php) but the URL shows /. Only the URL changes, or in this case, masks the file being loaded.
notices.php:
<?php
include('index.php');
exit();
doing a header() redirect WILL show the new url in the browser. That's unavoidable. You've told the browser "go over there", so it obediently does.
The other option is to use mod_rewrite to silently rewrite requests for /notices.php into a request for /index.php.
Add the following to your .htaccess file in the root folder of example.com
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(.+)?\.example.com [NC]
RewriteCond %{REQUEST_URI} ^/?$
RewriteRule . notices.php [L]
All requests to example.com will show notices.php, if this is what you really want.