Forcing https only on one page of a yii website - .htaccess

I am trying to force https only on one page of a yii framework website, and let the rest of the pages be http. The page that would be forced https is
https://www.mywebsite.com/index.php?r=user/profile
When I do the following, it forces https on all the pages on the website.
RewriteEngine On
# Go to https
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} ^/index.php?r=user/profile$ [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com/$1 [R,L]
# Go to http
RewriteCond %{SERVER_PORT} !80
RewriteCond %{REQUEST_URI} !^/index.php?r=user/profile$ [NC]
RewriteRule ^(.*)$ http://www.mywebsite.com/$1 [R,L]

The query string isn't part of the %{REQUEST_URI} variable, try:
RewriteEngine On
# Go to https
RewriteCond %{HTTPS} off
RewriteCond %{QUERY_STRING} ^r=user/profile$ [NC]
RewriteRule ^(index\.php)$ https://www.mywebsite.com/$1 [R,L]
# Go to http
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_REFERER} !/index\.php\?r=user/profile
RewriteCond %{REQUEST_URI} !^/index\.php$ [OR]
RewriteCond %{QUERY_STRING} !^r=user/profile$ [NC]
RewriteRule ^(.*)$ http://www.mywebsite.com/$1 [R,L]

Related

Force http on two pages using the .htaccess

I would like to redirect to pages from HTTPS to HTTP using the .htaccess file.
I have added the code for one page but when I add it for page2 it gives the site a redirect error.
Here is my code that works for one page going from HTTPS to HTTP in the .htaccess and I also make sure the .htaccess is in that directory with the files I want to be redirected as well.
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/page1.php$ [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com/$1 [R,L]
RewriteCond %{SERVER_PORT} !80
RewriteCond %{REQUEST_URI} ^/page1.php$ [NC]
RewriteRule ^(.*)$ http://mywebsite.com/$1 [R,L]
But when I add it like this below it doesn't work and I get a redirect error.
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/page1.php$ [NC]
RewriteCond %{REQUEST_URI} !^/page2.php$ [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com/$1 [R,L]
RewriteCond %{SERVER_PORT} !80
RewriteCond %{REQUEST_URI} ^/page1.php$ [NC]
RewriteCond %{REQUEST_URI} ^/page2.php$ [NC]
RewriteRule ^(.*)$ http://mywebsite.com/$1 [R,L]
I would like the pages to go to HTTP only using the .htaccess file without error:
http://mywebsite.com/page1.php http://mywebsite.com/page2.php
I figured it out. The correct code I needed is below:
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/(page2.php$|page1.php$) [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com/$1 [R,L]
RewriteCond %{SERVER_PORT} !80
RewriteCond %{REQUEST_URI} ^/(page2.php$|page1.php$) [NC]
RewriteRule ^(.*)$ http://mywebsite.com/$1 [R,L]

Redirect all domains to use HTTPS

I have this code in my .htaccess file which does as the comments say:
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
Options -Indexes
# redirect all traffic to correct domain
RewriteCond %{HTTP_HOST} ^itl\.|^(www\.)?(integratelecom|integra|integratelecommunications)\b [NC]
RewriteRule ^ https://www.example.net%{REQUEST_URI} [L,R=301,NE]
# redirect admin./ssladmin. sub domain to the correct folder
RewriteCond %{HTTP_HOST} (admin|ssladmin)\.itl\.uk\.net$ [NC]
RewriteRule !^admin/system/ admin/system%{REQUEST_URI} [L,NC]
# redirect subdomain.X to subdomain.example.net
RewriteCond %{HTTP_HOST} ^(?!www\.)([^.]+)\.(?!itl\.)[^.]+\. [NC]
RewriteRule ^ https://%1.example.net%{REQUEST_URI} [L,NE,R=302]
# map subdomains to correct folder
RewriteCond %{HTTP_HOST} ^(?!www\.)([^.]+)\.example\.net$ [NC]
RewriteRule !^subdomains/ subdomains/%1%{REQUEST_URI} [L,NC]
RewriteRule ^(subdomains/|admin/|index\.php$) - [L,NC]
# stop external linking to website but allow listed domains below
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.co.uk [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(.*\.)?itl.uk.net [NC]
#RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.|admin\.|ssladmin\.)?example.net [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]
#######################################
############## MAIN SITE ##############
#######################################
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(blog)/(post|tags|category)/([\w-]+)/?$ index.php?id=$1&type=$2&unique=$3 [QSA,NC,L]
RewriteRule ^(blog)/(archives)/([0-9]{4})/([0-9]{2})?$ index.php?id=$1&type=$2&year=$3&month=$4 [QSA,NC,L]
RewriteRule ^(support/knowledgebase)/(article|category|search)/([\w-]+)?$ index.php?id=$1&type=$2&unique=$3 [QSA,NC,L]
RewriteRule ^([a-zA-Z0-9-/_]+)/?$ index.php?id=$1 [L,QSA]
All of the above is working fine, but i need to force every domain and subdomain to use HTTPS, I have tried adding in:
RewriteCond %{HTTPS} off %HTTP_HOST [NC]
RewriteRule ^ https://%1.domain.net%{REQUEST_URI} [L,NE,R=302]
But that keeps returning an Internal Server Error
I also tried these two lines, but that adds %25 to the end of the URL
#RewriteCond %{HTTPS} off
#RewriteRule (.*) https://%{SERVER_NAME}/%$1 [R,L]
To force HTTPs you can use:
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
It basically says, if HTTPs is not equal to ON, then it will force the website to display using SSL.
Make sure you clear your cache before testing this.

how to use .htaccess to redirect all http traffic to https AND www.domain.com

I've tried several solutions posted here, none of them seem to work - I just get redirect errors.
What I am trying to do is redirect all traffic to https for:
http://domain.com
http://www.domain.com
https://domain.com
http://alias.com
http://www.alias.com
https://alias.com
should all go to: https: // www.domain.com
currently addresses starting like: http: // www won't redirect to https.
here is the htaccess file
RewriteEngine On
RewriteBase /
# Fix Apache internal dummy connections from breaking [(site_url)] cache
RewriteCond %{HTTP_USER_AGENT} ^.*internal\ dummy\ connection.*$ [NC]
RewriteRule .* - [F,L]
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^mydomain\.com [NC]
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R=301,L]
# Exclude /assets and /manager directories from rewrite rules
RewriteRule ^(manager|assets) - [L]
# For Friendly URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
RewriteCond %{HTTP_HOST} ^myalias.ca$ [OR]
RewriteCond %{HTTP_HOST} ^www.myalias.ca$
RewriteRule ^/?$ "https\:\/\/mydomain\.com" [R=301,L]
RewriteCond %{HTTP_HOST} ^myotheralias.ca$ [OR]
RewriteCond %{HTTP_HOST} ^www.myotheralias.ca$
RewriteRule ^/?$ "https\:\/\/mydomain\.com" [R=301,L]
You should get rid of the www redirects at the bottom:
RewriteCond %{HTTP_HOST} ^myalias.ca$ [OR]
RewriteCond %{HTTP_HOST} ^www.myalias.ca$
RewriteRule ^/?$ "https\:\/\/mydomain\.com" [R=301,L]
RewriteCond %{HTTP_HOST} ^myotheralias.ca$ [OR]
RewriteCond %{HTTP_HOST} ^www.myotheralias.ca$
RewriteRule ^/?$ "https\:\/\/mydomain\.com" [R=301,L]
Don't need them, you just need a single redirect at the top, replace:
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^mydomain\.com [NC]
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R=301,L]
with
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.mydomain\.com$ [NC]
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [L,R=301]
This should take care of all the redirects.

htaccess - how to force HTTPS on just my main domain, not on sub-domains

I've just added the following rule to force HTTPS on my payment page, simply because I'm not sure how to force HTTPS on just domain.com and not user1.domain.com - not quite sure how to do this or even if it's possible.
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} /join/payment
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
So I added that rule and it's working fine, however, is it possible to just force HTTPS on my full domain and not any of my sub-domains?
My full htaccess file
RewriteEngine on
RewriteCond $1 !^(index\.php|images|js|profile_pictures|fonts|stylesheets|robots\.txt)
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} /join/payment
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L,QSA]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,R=301,L]
RewriteCond %{HTTP_HOST} !^((www\.)?)domain\.com [NC]
RewriteCond %{HTTP_HOST} ^(.*)\.domain\.com
RewriteRule ^(.*)$ http://domain.com/site/%1$1 [L,NC,P]
RewriteCond %{HTTP_HOST} !^domain\.com$ [NC]
RewriteRule ^((?!site/).*)$ http://domain.com/site/$1?host=%{HTTP_HOST}&page=%{REQUEST_URI} [L,NC,P]
Questions
Is it possible to just force HTTPS on domain.com and not on subdomains? If it's possible to force HTTP instead of HTTPS on subdomains, I'd love to hear how to do that too.
I think that this should work:
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} /join/payment
RewriteCond %{HTTP_HOST} !^((www\.)?)domain\.com [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
That is, add a condition to check that the HTTP_HOST is www.domain.com or domain.com before adding https:// in front of it.

https to http change url through .htaccess in magento sites except checkout or my account page

My requirement is all https url open on http and check out and my account page always open on https.
i try on this code but not solve
RewriteEngine on
# From https to http
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/
#RewriteCond %{REQUEST_URI} !^/customer/account/
#RewriteCond %{REQUEST_URI} !^/checkout/multishipping/login/
#RewriteCond %{REQUEST_URI} !^/wishlist/
#RewriteCond %{REQUEST_URI} !^/index.php/admin/dashboard/index/key/
#RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
# From http to https
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/checkout/cart/ [OR]
RewriteCond %{REQUEST_URI} ^/customer/account/ [OR]
RewriteCond %{REQUEST_URI} ^/checkout/multishipping/login/ [OR]
RewriteCond %{REQUEST_URI} ^/wishlist/ [OR]
RewriteCond %{REQUEST_URI} ^/index.php/admin/dashboard/index/key/
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
Please help me
This code for solved this problem
Options +FollowSymLinks
RewriteEngine on
RewriteEngine on
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^(shop|blog|stockists|inthepress|contacts|review|home) http://www.example.com%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} on
RewriteRule ^$ http://%{HTTP_HOST} [L,R]
you can use like below and which is working for me in one of my sites.
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteRule ^index.php/onepagecheckout/?$ https://%{HTTP_HOST}/index.php/onepagecheckout
[R,L]
# RewriteRule ^index.php/yourpageurl/?$ https://%{HTTP_HOST}/index.php/yourpageurl
[R,L]
hope you can understand and it could useful to you.

Resources