I have an app build in Laravel but have issues in accessing pages through https. Example, if I access geepay.in, the app redirects to https
However, if I access http://geepay.in/9860494211 it redirects to https domain index.php
(Also if I remove the script from htacess, the app stops working and throws error).
My htacess files contains the following
RewriteEngine On
# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
#Hadle https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>
AddHandler application/x-httpd-php55 .php55 .php
How I can fix this issue?
You simply fix this issue by swapping the rewrite and https-redirect. In your case, Apache will match rule 2 first. Then rule 1 and 2 do no longer match and you match rule 3. Since you have already rewritten the url, you perform the redirect with the rewritten url.
If you swap the rules, the redirect will be matched first. Afterwards, the new request will match your rule 2 (then 3), and let Laravel handle the request.
Related
I have a codeigniter project. Here is the .htaccess file of it:
RewriteEngine on
#HTTPS redirection
RewriteCond %{HTTPS} =off
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#CodeIgniter Rules
RewriteCond $1 !^(index\.php|css|img|js|fonts|robots\.txt|favicon\.ico)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
Basically I am redirecting all non https traffic to https. My problem is that I was to exclude one codeigniter controller and all its URLs from this redirect. Some of the controller URL structure are:
http://example.com/external/?url=blablabla
http://example.com/external/
http://example.com/external/out/543260
http://example.com/external?goto=blablablabla
So these are codeigniter URLs. They are NOT files or directories. I already tried every possible RewriteCond to exclude these URLs but it's not working.
How can I exclude these codeigniter routed urls from the HTTP -> HTTPS redirection?
I think I know where the problem is. the /external/ is a codeigniter module and as a result, it gets rewritten to /index.php?/external . The index.php is rewritten to HTTPS and that's why it's getting rewritten to HTTPS. All I have to do is to exclude index.php?/external from the HTTPS rewrite rule.
Been looking all over for an answer but no response found could solve my problem.
I'm using the following .htaccess file to redirect users from a site to its https version :
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
# RewriteCond %{REQUEST_URI} !^/api-vop/
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
I have first a rule to redirect to HTTPS then a rewrite rule for classic url rewriting to replace urls like myfile.php to /my-file
Thing is I need to let one url which is http://my-server.com/api-vop go through without being redirected to https, as seen by this line :
# RewriteCond %{REQUEST_URI} !^/api-vop/
Thing is I cannot get it to work, at best I'm trhown back to the index.php page.
Any solution anyone ?
Thanks in advance !
Keep your first rule as:
RewriteCond %{HTTPS} off
# This checks to make sure the connection is not already HTTPS
# RewriteCond %{THE_REQUEST} !\s/+api-vop/
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L,NE]
THE_REQUEST variable represents original request received by Apache from your browser and it doesn't get overwritten after execution of some rewrite rules. Example value of this variable is GET /index.php?id=123 HTTP/1.1
So, here is the situation:
We are running a website which is powered by Drupal. Sometime ago, it was decided that the website should be served as SSL. The settings to redirect the site from http to https was done by a guy who is not with us anymore.
I can see in the .htaccess file the following lines
#Redirect http to https
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://docs.dev.domain.com/$1 [R,L]
mydomain.com points to the root of the LAMPP server and my site is in a folder inside the webroot (docs.dev.domain.com/mysite).
Now, it has been decided that the SSL is not needed and it has to be removed and all the pages must be served via http (301 redirect).
When I do that in the .htaccess file by using the RewriteRule to redirect a URL (e.g. https://docs.dev.domain.com/mysite/content/book) to http when a user visits https by using:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
#Redirect HTTPS to HTTP
RewriteCond %{SERVER_PORT} ^443$
#RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ http://docs.dev.domain.com/mysite/$1 [R=301,L]
#even tried this - RewriteRule ^(.*)$ http://docs.dev.domain.com/$1 [R=301,L]
but it redirects every request on https to http://mydomain.com/mysite/index.php (even the urls like (https://docs.dev.domain.com/mysite/content/book/1 which should ideally be redirected to its http counterpart).
How can I remove the https so that my dynamic URLs are served via plain http?
Sorry if this is very novice problem.
This is happening because you have a routing rule before the redirect. The rewrite engine will loop until the URI comes back unchanged, and at that point, it evaluates if the URI needs to be passed onto other modules in order to handle redirecting or proxying.
That means your request is getting routed to index.php, then the rewrite engine loops, then it sees that the request (which at this point is simply /index.php) needs to be redirected, so the request gets flagged to be redirected. Then mod_rewite redirects, but by now, the URI is mangled by your routing rule.
You need to swap the order:
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ http://docs.dev.domain.com/mysite/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
Enabling SSL or disabling it in Drupal has very easy method by enabling/disabling a module. You should check the module name securepages & if it is there you just need to disable it for disabling HTTPS...
Then you can go to your YOURSITE/sites/default & look into settings.php & if $base_url is defined then just remove the 'S' from 'HTTPS'.
You are done...
I don't think that guy enabled it from .htaccess & so I gave my answer even after you solved it by Jon Lin answer..
I got the following htaccess, tried adding https rewrite/redirect - and it doesn't work, any idea what am I doing wrong?
RewriteEngine on
RewriteRule \.svn/ - [F]
# rewrite traffic to HTTPS
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
Did you mean to omit the [L] after your https rewriterule? Without it, if I request "http://myserver.com/something" it will first rewrite as "https://myserver.com/something" but then (I believe) continue on in the .htaccess file, subsequently using the internal rewrite to serve up "index.php" without actually redirecting the client. Though if the file requested does exist I'm not sure how Apache would handle that.
I have the following in my .htaccess - the clean url's declaration and the https redirect both work fine individually but put together are causing the continuous redirect error (this server is redirecting in a way which will never complete).
Here is my .htacess:
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
# force to use https
#RewriteCond %{HTTPS} !=on
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Any idea how i can resolve this?
Thank you
Hope I am not late as I stumbled through your same problem and figured out the conflict just a day ago.
Write the following in your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
The first rule will automatically redirect any HTTP requests to HTTPS and (through the crucial [L] tag) stop other substitutions which will mess up the page (specifically, images and CSS stylesheets would not be served).
The second one is the Yii suggested way to check whether a particular URL corresponds to a real file or directory and, if not, to forward the request to index.php (the bootstrap file for the Web application). (The rules in the application's configuration file should do the rest, then).