I have setup a load balancer which accepts https connections from users. The compute engines are then connected to load balancer using http connection.
I have written the following .htaccess file in the root folder:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Now, the problem is, the compute engine is always connected via http link (to the load balancer) and not https.
Thus, the .htaccess file always consider the connection to be http and not https even if the url starts with https. So, it goes in an infinite loop trying to send the user to https even when the url is https.
What should be done to redirect http to https in this case.
Thanks.
You should check the X-Forwarded-Proto http header. It is set by the load balancer and will have the value http or https.
This took so long for me to find the answer to! Thank you so much #Lennert!
user#host-vm:/opt/bitnami/apps/wordpress/htdocs# head -4 /opt/bitnami/apps/wordpress/conf/htaccess.conf
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule . https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
For those who are using php, I've been looking for a simple way to make my project redirect any page to https in Google Cloud, and I found a simple solution. All you have to do is to add this code at the top of your php page. It has to be at the top, the F̲i̲r̲s̲t̲ L̲i̲n̲e̲ of code in your header:
<?php
if ($_SERVER['HTTPS'] == 'off') {
header("Location: https://www.YOUR_SITE.com".$_SERVER['REQUEST_URI']);
die();
}
?>
Related
As i have now https version of my website is it seo friendly to have "permanently moved" status 301, 200 and redirect the http url to https ?
I am using .htaccess to do this
RewriteCond %{HTTPS} !on
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Here is the example of the non http url test:
Go to https://httpstatus.io/ and test url http://sunnybeachtaxi.com/from-Sunny-Beach-to-Burgas-airport-options-Burgas-1-4-35/book/
returns 301, 200
Now another question is what canonical url should i use http or https ? I know google prefers https but still not sure. At the moment http urls are indexed and https are not becouse they appear to google as dublicates.
What is the best steps to achive this ? Should i first remove the http urls and then submit to google index the https ones?
Thanks
If you want to permanent redirect from HTTP to HTTPS then you should first of all purchase SSL certificate and activate it for your site. Nowadays google does not allow some site which is running without HTTPS. Just add SSL to your site and you do not need to submit it again into google webmaster just because of that if you have update time to time sitemap of your website. crawler automatically understand.
What is canonical URL's?
A canonical tag is a different way of telling search engines that a specific URL represents the master copy of a page. visit this SEO MOZ page for more information. https://moz.com/learn/seo/canonicalization
Thank you in advance
My SSL is managed by cloudFlare but I prefer using htaccess method to control redirection of site to use HTTPS. I have a domain www.mysite.com and a sub domain demo.mysite.com. I want HTTPS on full website of www.mysite.com and on full website of demo.mysite.com as well except for just 1 page on my subdomain to prevent mixed content. That page can contain both HTTP and HTTPS links loaded in iFrame. Currently that page loads in HTTPS along with whole website but I want it to load in HTTP only and not HTTPS. The page is demo.mysite.com/surf.php which can be accessed by clicking an Ad at demo.mysite.com/ads.php.
I tried this in my htaccess file but the page surf.php still redirects to HTTPS.
# FORCE HTTPS
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} \/(surf.php)
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
# DISABLE HTTPS
RewriteCond %{HTTPS} on
RewriteCond %{SCRIPT_FILENAME} !\/(surf.php) [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ http://%{HTTP_HOST}$1 [R=301,L]
I have disabled "Always use HTTPS" in my cloudFlare settings and my SSL is Flexible. Also, no page rules are set. I prefer htaccess method. Please help me and tell me what to do?
I have the following working on a domain in Cloudflare that has a flexible Cloudflare cert.
Instead of using .htaccess I have 2 Cloudflare page rules.
The first rule:
*.domain.com/page-to-ignore.htm
SSL: Off
Second rule:
http://*.domain.com/*
Always Use HTTPS
The order matters, and when testing on your own site, make sure you have cleared your browser cache.
Hope this helps!
If you are still facing trouble then you can also use a PHP code instead. Paste this code on your header file of the website or paste on each page where you want the website to be redirected to HTTPS or HTTP. Make sure to disable "Always use HTTPS" in cloudFlare and you can choose any SSL you want i.e, Flexible, Full or Full (strict).
PHP code for redirecting to HTTPS:
if($_SERVER['HTTP_HOST'] != 'localhost'){
if(!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] !== 'on'){
if(!headers_sent()){
header("Status: 301 Moved Permanently");
header(sprintf('Location: https://%s%s',$_SERVER['HTTP_HOST'],$_SERVER['REQUEST_URI']));
exit();
}
}
}
PHP code for redirecting to HTTP:
if($_SERVER['HTTP_HOST'] != 'localhost'){
if(isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'on'){
if(!headers_sent()){
header("Status: 301 Moved Permanently");
header(sprintf('Location: http://%s%s',$_SERVER['HTTP_HOST'],$_SERVER['REQUEST_URI']));
exit();
}
}
}
This worked for me pretty well. Paste the code at the top of each page. If you are using session_start(); then place this code immediately after that. That's a good practice.
I am redesigning a website that is currently served over HTTPS via WPEngine. The new site will just be a static HTML landing page, which will be hosted on a totally new server over HTTP.
My concern is that users will get connection errors. Can I just use .htaccess to redirect HTTPS to HTTP to solve the issue?
May be this could help you, in htaccess
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
This will redirect https://www.test.com to http://www.test.com
For more http://www.hashbangcode.com/blog/using-htaccess-redirect-https-http
I want to redirect my wordpress login page to use HTTPS but do not want the rest of the site using it. I know how to redirect all the site via HTTP to HTTPS but not just a specific URL.
So I want http://example.com/wp-admin to go to https://example.com/wp-admin
This is what I currently have below and I have tried adding bits in but not got there.
Redirect / https://example.com/
You need to use mod_rewrite to enable https for a specific url.
Try the following in htaccess :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^wp-admin/?$ https://%{HTTP_HOST}%{REQUEST_URI} [NC,L,R]
I've got the problem that I want to redirect my HTTP requests to a HTTPS using a shared SSL certificate. For some stupid reason of my host I have to attach the SSL Port on the request url.
Basically I want to redirect this:
http://sub.domain.com
to
https://sub.domain.com:12345
my .htaccess looks like this:
RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://%{HTTP_HOST}:12345%{REQUEST_URI} [L,R]
By this results in a redirect loop. I have no idea why though. Is this maybe because I use a shared SSL certificate which is not made for the domain and therefore the RewriteCond is always off?
thanks in advance!
EDIT:
I've checked the response header and saw that the location field still points to the non https url. But if I use another domain (or even a subdomain) it works. So why doesn't work the redirect to the same domain?
Try changing your condition to:
RewriteCond %{SERVER_PORT} 12345