I know this question has been asked a lot of times but I don't know why this is still not working for me.
# force https:// for all except some selected URLs
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/freezer-rack-configurator-demo/ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force http:// for selected URLs
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} /freezer-rack-configurator-demo/ [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I need all urls to be https and it's working no problem. However the url "freezer-rack-configurator-demo" is still being forced to have https when I need it to be http only. Would someone also guide me how to do this with multiple urls. I'm really terrible with htaccess.
Thanks in advance.
Related
Hi after 1 week of research i'm still stuck with my domain redirections
I want my http://domain.fr pointing to https://www.domain.fr
I'm trying with htaccess file with no success...
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.*
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]
When i'm testing my redirections it seems https://www.domain.fr is redirecting itself without understading why...
have you guys any idea ?
The problem is in your 2nd RewriteRule
RewriteCond %{HTTP_HOST} ^www\.*
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]
You rule does a permanent redirection of www domain to the same location ie : ( www.e ample.com => www.example.com ) that is why you got the redirect loop error.
To redirect http urls to https ,first of all you need to check if the request scheme is http. You can use RewriteCond %{HTTPS} off to check the non - secure http connection and then use RewriteRule to redirect the request to https .
Use the following simple Rule to redirect http to https :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
Make sure to clear your browser cache before testing this.
I have an SSL certificate for website http://xyz.co/.
I created .htacces file for forcing users to use https instead of http.
I tried:-
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
But it shows me error as
net::ERR_TOO_MANY_REDIRECTS
Try to redirect to an entirely different url to make sure your condition is actually firing. At first sight I would say your RewriteRule is wrong because that's no RegEx, ^ is just an anchor.
So try this:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I assume you don't get ERR_TOO_MANY_REDIRECTS errors when you remove this part.
I have spent countless hours trying to solve this problem and it's doing my head in. I'm sure that it is very simple but none of the answers I have found either on stackoverflow.com or other sites work for me.
I am using an SSL certificate that is only valid for www.example.com and for a myriad of silly corporate reasons I am stuck with only this certificate.
I would like to force all requests to use SSL and prepend www. to the domain. All of the following domains rewrite correctly:
example.com/
http://example.com/
http://www.example.com/
https://www.example.com/
The domain that is not rewritten and is the one problem I cannot find the answer to anywhere is
https://example.com
It simply spits out the usual "Certificate Is Not Valid" warning.
I have the following code in my .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteCond %{http_host} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
I really hope that somebody has a solution for me because I cannot find the answer anywhere.
This should work:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [L,R=302]
RewriteCond %{HTTPS} =off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NC,R=302,L]
It will check to see if it has www in the url, if it doesn't then it will add it. Then it will check and see if it is https and if it isn't then it will add it.
Currently using the following to make sure my website always is using www. How would I modify this to be www and https?
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Tried this, but ended up with www.www.website if the user had no https but did already have a www
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Not sure how to combine the two
Make us of {SERVER_PORT} to see if the request is made via regular connection (80), then redirect to the https URL.
This should do it:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Here are some nice example, using different methods.
We have software on our site that enables us to send SMS to our members. The software communicates with a third part api and they communicate delivery reports back to the site. This delivery report specifically needs http://www. The url the send the report to is
http://www.example.com/index.php?option=com_acysms&ctrl=deliveryreport&gateway=telerivet&pass=S6fd65thisisafakepasswordstring
Currently, I have all pages redirecting to https://www using this in .htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force https:// for all except some selected URLs
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/index.php?option=com_acysms&ctrl=deliveryreport&gateway=telerivet&pass=S6fd65thisisafakepasswordstring/ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force http:// for selected URLs
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} /index.php?option=com_acysms&ctrl=deliveryreport&gateway=telerivet&pass=S6fd65thisisafakepasswordstring/ [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
As you can see, I am trying to exclude the page in question from the force https://www protocol. It's not working. All my searches deal with either https or www, but not both. Any help here is appreciated.
Cheers!
Ok, I'm not going to address the really bad idea that is sending a password in a query string over an insecure connection. That's something you should take up with the third party running that API.
Now for why your RewriteRules might not be working.
According to the Apache variables documentation, %{THE_REQUEST} covers the full request line, not just the request URI or query string:
THE_REQUEST | The complete request line (e.g., "GET /index.html HTTP/1.1")
You probably want to use %{REQUEST_URI} and %{QUERY_STRING} to capture those reports. So your rules would look something like:
# force https:// for all except some selected URLs
RewriteCond %{HTTPS} off
RewriteCond %{QUERY_STRING} !^option=com_acysms&ctrl=deliveryreport&gateway=telerivet&pass=.+$ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force http:// for selected URLs
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} ^option=com_acysms&ctrl=deliveryreport&gateway=telerivet&pass=.+$ [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Or if you want to use ${THE_REQUEST}, they would look like this:
# force https:// for all except some selected URLs
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} "^POST /index\.php\?option=com_acysms&ctrl=deliveryreport&gateway=telerivet&pass=.+ HTTP/1\.1$" [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force http:// for selected URLs
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} "^POST /index\.php\?option=com_acysms&ctrl=deliveryreport&gateway=telerivet&pass=.+ HTTP/1\.1$" [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
The request is in quotes because of the spaces, but you could just escape them with a \ instead. This also assumes the request is made using HTTP 1.1 and the POST method.