Force HTTP for all pages except specific URLs - .htaccess

I have a situation where I need to force every single page in my site to redirect to HTTP except for two specific URLs which need to force redirect to HTTPS.
The two pages that need to redirect to HTTPS pages are:
/microsoft-moc-on-demand-video-training/moc-registration-page/
/courses/register/
The code I've been using in my .htaccess file looks like this:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/courses/register/
RewriteCond %{REQUEST_URI} !^/microsoft-moc-on-demand-video-training/moc-registration-page/
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^(/courses/register/|/microsoft-moc-on-demand-video-training/moc-registration-page/)/ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Unfortunately this doesn't seem to be working. The entire site does redirect to HTTP (so part of the code works), but those two exceptions (which should redirect to HTTPS) do not do that, they stay as HTTP links.
Any idea what I'm doing wrong here?

The problem is that for RewriteRule, there is no initial / in the requested path. Therefore, you're trying to match something that isn't present.
You also had an extra / at the end of each option in the first capture group, which when combined with the final / would require a path such as /courses/register//.
The following code should suit your needs:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/courses/register/
RewriteCond %{REQUEST_URI} !^/microsoft-moc-on-demand-video-training/moc-registration-page/
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^(courses/register|microsoft-moc-on-demand-video-training/moc-registration-page)/ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Related

Redirect http to https and www to non-www in .htaccess

First of all, I know there are lots of answers on this, but I don't actually find one that works. This is what I have in the .htaccess file right now, and I want to mention that it worked previously, but it does not anymore.
Redirect 301 /unt-de-cacao-de-plaja/filtre/producator/crisnatur/ /ingrijire-corporala/unt-cacao/unt-de-cacao-pentru-plaja-100g
Options +FollowSymlinks
# Prevent Directoy listing
Options -Indexes
# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|\.ini|\.log|(?<!robots)\.txt))">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>
# SEO URL Settings
RewriteEngine On
# If your opencart installation does not run on the main web folder make sure you folder it does run in ie. / becomes /shop/
RewriteBase /
RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]
RewriteRule ^system/download/(.*) index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
# FORCE HTTPS AND NON WWW
RewriteEngine on
RewriteCond %{ENV:HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
As a mention, I will have a lot of Redirect 301 from old pages to the new ones since the entire structure has been changed.
And the links that I am redirecting inside my website come with "www" like:
https://www.example.com/unt-de-cacao-de-plaja/filtre/producator/crisnatur/
and needs to be redirected to:
https://example.com/ingrijire-corporala/unt-cacao/unt-de-cacao-pentru-plaja-100g
Redirect to https and non-www
To instead redirect all requests to https and non-www, use the following code instead of the previous:
Canonical HTTPS/non-WWW
<IfModule mod_rewrite.c>
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule (.*) https://example.com/$1 [L,R=301]
</IfModule>
As before, place this code in the root .htaccess of your site. Here is what it's doing:
Checks if mod_rewrite is available
Checks if HTTPS is off, or if the request includes www
If either condition matches, the request qualifies and is redirected
to the https/non-www address
OR
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
A few issues, in order of importance:
You have your canonical HTTP to HTTPS and www to non-www redirects at the end of the file. By placing it at the end of the file, after your front-controller, it's simply never going to be processed for most requests. This needs to be near the start of the .htaccess file, before your front-controller.
You should avoid mixing redirects from both mod_alias (Redirect) and mod_rewrite (RewriteRule) in the same scope. Different modules execute at different times throughout the request, despite their apparent order in the config file. Since mod_rewrite is required for other redirects, you should convert the mod_alias Redirect directives to use RewriteRule instead.
For example:
RewriteRule ^unt-de-cacao-de-plaja/filtre/producator/crisnatur/$ /ingrijire-corporala/unt-cacao/unt-de-cacao-pentru-plaja-100g [R=301,L]
You should include the canonical scheme and hostname in your URL redirects in order to avoid multiple redirects when requesting an "old" URL at a non-canonical scheme ot hostname.
For example:
RewriteRule ^unt-de-cacao-de-plaja/filtre/producator/crisnatur/$ https://example.com/ingrijire-corporala/unt-cacao/unt-de-cacao-pentru-plaja-100g [R=301,L]
Depending on what you mean exactly by "a lot of Redirect 301" - you should not be doing this at all in .htaccess and instead redirecting in your server-side script, once you have determined that the request will 404. This is to prioritise normal site visiters and not your redirects (that get executed on every single request).
RewriteCond %{ENV:HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
Since you stated that these directives worked previously then I assume the use of the HTTPS environment variable is OK on your system. But note that, whilst this is relatively common, it's non-standard. (It implies the server is using some kind of SSL front-end/proxy.)
Note that the order of these rules will result in a double redirect when requesting http://www.example.com/<anything> (HTTP + www). Which is necessary if you are implementing HSTS, but otherwise, you should reverse these two rules to avoid this unnecessary double redirect.

Simple http (including www) to https htaccess

I want to verifiy that if my redirection code is implemeted good to dont have problems in seo.
Currently using this code:
I want to do this:
- http://mydomain.tld to https://www.mydomain.tld
- http://www.mydomain.tld to https://www.mydomain.tld
My currently code is:
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Currently is redirecting but I dont know if 301 is implemented good?
If you're concerned if a redirect is having a negative impact on organic rank, such as multiple redirects (rather than one clean redirect), you can use this tool to check each redirect 'hop':
RedirectDetective.com

https to http while keeping path

I have here a little problem with a website and its WordPress blog.
For a short time, we had setup everything with https, until we were facing some issues and had to go back to HTTP.
Back then, I had a little collection of .htaccess files to deal with these kinds of problems, but I never actually tried my "non-www to www - ssl"
The intent was to add www and redirect https to http
RewriteCond %{HTTPS} on
RewriteRule ^/?$ http://%{SERVER_NAME}/ [R=301,L]
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Seemed pretty simple to me and I thought it should work.
I have two .htaccess files, one for http://www.example.com/ and one for http://www.example.com/blog both with the same content, as users are primarily coming from SE's via Blog.
The Problem is: If I load https://www.example.com/blog I get redirected to http://www.example.com/ instead of http://www.example.com/blog.
While writing the Question I thought I try this Question I had the idea to add this
RewriteCond %{HTTPS} on
RewriteRule ^/?$ http://%{SERVER_NAME}/{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
but then I get only redirected to http://www.example.com/{REQUEST_URI}
Could someone please tell me how I can keep the path on that redirect query?
RewriteCond %{HTTPS} on
RewriteRule ^/?$ http://%{SERVER_NAME}/{REQUEST_URI} [R=301,L]
If you notice that in your other directive you have %{REQUEST_URI}. You are missing the % prefix above. This is required syntax in order to get the value of the REQUEST_URI server variable. But also note that the value of REQUEST_URI already includes a slash prefix, so the slash should be omitted from the substitution. ie. instead of /{REQUEST_URI} it should be %{REQUEST_URI}.
Also note that the RewriteRule pattern (^/?$) only matches the root of your site (or /blog subdirectory if this .htaccess file is in that subdirectory). You need to match everything. So, modify the above RewriteRule like this:
RewriteRule ^ http://www.example.com%{REQUEST_URI} [R=301,L]
I've also hardcoded the domain, otherwise, you'll end up with a double redirect when requesting the non-canonical (ie. non-www) host.

Is it possible to have a certain files in a server to redirect to https and others are forced to only http no matter if you put https

Is it possible to do this on .htaccess
if(filename.php = "order.php"){
redirect to https
}else{
redirect to http
}
I need it to do something like this, user might want to put https on my index.php and its unsecure and gives an error, that why I need to force to http if its not order.php, and force https if its order.php
I have 3 similar folders like in 1 server,
I tried to use this
RewriteEngine On
RewriteRule /(order.php) https://%{SERVER_NAME}%{REQUEST_URI} [L]
but failed, I did it on PHP, but I will have to put all of it hundred files.
So Iguess .htaccess will be more time efficient,
Yes it's possible
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/order.php
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/order.php
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

https to http in .htaccess with exceptions

I've done enough research to figure out that to redirect sitewide all of my https pages to their http equivalent, I need to use this code...
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
My issue is, there are a handle of pages that I still want to remain as https. For the sake of example, let's say I want page1.php, page2.php, and page3.php to REMAIN as .https, with everything else on the site redirecting. Anyone know how to do this?
Try something like this:
RewriteEngine On
# Force page1,2,3.php onto HTTPS
RewriteCond %{HTTPS} off
RewriteRule ^(page1|page2|page3)\.php https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
# Redirect other HTTPS requests to plain HTTP
RewriteCond %{HTTPS} on
RewriteCond ${REQUEST_URI} !(page1|page2|page3)\.php
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]

Resources