HTTP to HTTPS clean redirect - .htaccess

I have been searching the net and this website too and following some suggestions I managed to get it limping but it's still not perfect.
Here is the problem. When someone is accessing my website using plain HTTP, it redirects them to HTTPS but the url looks like this https://www.domain.com/index.php?rewrite=1
That is ugly alright but that's not the biggest issue here. The problem is that when members of the website try to log in, after filling out the details and click sign in, the page reloads to https://www.domain.com/ blanks the log-in fields. Typing in the info again and click sign in, member can log in on this second attempt. It becomes frustrating to those that access the website with plain http until they figure out that they want to use https instead.
However I would like to fix this problem and I ask your help for it.
Here is my current .htaccess file, I know that there is something very simple to change but I can't spot it.
Thank you!
IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteCond %{HTTP_USER_AGENT} !(SEAOSEAPP)
RewriteRule . https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
# Get rid of index.php
RewriteCond %{REQUEST_URI} /index\.php
RewriteRule (.*) index.php?rewrite=2 [L,QSA]
# Rewrite all directory-looking urls
RewriteCond %{REQUEST_URI} /$
RewriteRule (.*) index.php?rewrite=1 [L,QSA]
# Try to route missing files
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} public\/ [OR]
RewriteCond %{REQUEST_FILENAME} \. (jpg|gif|png|ico|flv|htm|html|php|css|js)$
RewriteRule . - [L]
# If the file doesn't exist, rewrite to index
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?rewrite=1 [L,QSA]
</IfModule>
# sends requests /index.php/path/to/module/ to "index.php"
# AcceptPathInfo On
# #todo This may not be effective in some cases
FileETag Size
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</IfModule>

Related

Add HTTPS redirect for Progressive Web App with HTML 5 history mode

I have a progressive web application, built using Vue CLI 3, that is currently using the HTML 5 history mode. I have followed the documentation to add the necessary configuration to the .htaccess, however this example does not cover redirecting to HTTPS. This is what I have:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.html [L]
</IfModule>
I have followed other Stack Overflow responses on how to redirect all requests to HTTPS via .htaccess, but this results in an endless redirect loop. So what I need is to redirect non HTTPS requests to HTTPS while still honoring the index.html redirect.
After additional research, I was able to fix my problem by prepending the .htaccess file with some HTTPS specific configuration. So now my file looks like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !=https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,N]
RewriteBase /
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.html [L]
</IfModule>

How to disable SSL if a page url contains a specific word

I have my site running on all over SSL, but I added a games sections which uses the 3rd party games in flash. When I enable SSL it stop working. I am wondersing if how can I only disable the SSL on that specific page which contains "/game/" in the url so that the games will work fine.
I tried this code from insternet in my .htaccess file but not working:
RewriteCond %{HTTPS} off
RewriteRule ^game^ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
EDIT:
I tried the answer suggested:
RewriteEngine On
RewriteCond %{HTTPS} On [NC]
RewriteRule ^game http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NC]
It works but when I go the pages contained the word "game" it turns the other pages also to "http" and other pages are become using "http" instead of "https"
Then I tried this:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} On [NC]
RewriteRule ^game http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NC]
This it starts giving me the message "Page is not redirecting properly" when I go to "game" page url.
I want only the "game" pages to use "http".
EDIT TWO: The FULL .htaccess file
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Get rid of index.php
RewriteCond %{REQUEST_URI} /index\.php
RewriteRule (.*) index.php?rewrite=2 [L,QSA]
# Rewrite all directory-looking urls
RewriteCond %{REQUEST_URI} /$
RewriteRule (.*) index.php?rewrite=1 [L,QSA]
# Try to route missing files
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} public\/ [OR]
RewriteCond %{REQUEST_FILENAME} \.(jpg|gif|png|ico|flv|htm|html|php|css|js)$
RewriteRule . - [L]
# If the file doesn't exist, rewrite to index
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?rewrite=1 [L,QSA]
</IfModule>
# sends requests /index.php/path/to/module/ to "index.php"
# AcceptPathInfo On
# #todo This may not be effective in some cases
FileETag Size
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</IfModule>
Need help. Let me know if any duplicate is found, I can not find anyone though.
Thanks.
This should be your full .htaccess:
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
# except for /game/ enforce https
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/game/ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# for /game/ enforce http
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} /game/ [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Get rid of index.php
RewriteCond %{REQUEST_URI} /index\.php
RewriteRule (.*) index.php?rewrite=2 [L,QSA]
# Try to route missing files
RewriteCond %{REQUEST_FILENAME} public [OR]
RewriteCond %{REQUEST_URI} \.(jpg|gif|png|ico|flv|htm|html|php|css|js)$
RewriteRule . - [L]
# If the file doesn't exist, rewrite to index
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?rewrite=1 [L,QSA]
</IfModule>
Make sure to clear your browser cache before testing this change.

.htaccess add tablet redirect

Using the .htaccess file, I wish to redirect tablet traffic to a tablet optimised site.
Regular URL: waxxxed.com.au
Tablet Optimised URL: waxxxed.com.au/tablet/
I've tried the following code but it doesn't work.
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ipad [NC]
RewriteCond %{HTTP_HOST} !^ipad\. [NC]
RewriteRule ^ http://waxxxed.com.au/tablet/ [L,R=301]
x3 questions...
This code doesn't work. Appears to create a loop. Not sure, but that may be related to my existing .htaccess code provided below.
I want to redirect ALL tablets (not mobiles) not just iPads. How do I capture other tablet brands?
Can you recommend any further optimisation of my .htaccess coding.
Full current .htaccess file (it works!)...
<IfModule mod_expires.c>
# Enable cache expirations
ExpiresActive On
# Default directive
ExpiresDefault "access plus 1 month"
# My favicon
ExpiresByType image/x-icon "access plus 1 year”
</IfModule>
# force redirect of html to no-extension
RewriteCond %{THE_REQUEST} ^GET\s.+\.html
RewriteRule ^(([^/]+/)*[^/.]+)\.html$ http://waxxxed.com.au/$1 [R=301,L]
# www to non-www
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.waxxxed.com.au
RewriteRule (.*) http://waxxxed.com.au/$1 [R=301,L]
# Redirect from / to non-/
RewriteEngine On
RewriteRule ^(.*)/$ $1 [R=301,NC,L]
# parse file as file.html
RewriteCond %{REQUEST_FILENAME}\.html -f
RewriteRule ^(([^/]+/)*[^/.]+)$ $1.html [L]
# refer not found content to 404 page
ErrorDocument 404 /404page.html
The reason why it creates a loop is because you're checking that the hostname doesn't start with ipad, and since you're redirecting to waxxxed.com.au, it's never going to start with ipad. Instead check for the request URI starting with /tablet/:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ipad [NC]
RewriteCond %{REQUEST_URI} !^/tablet/. [NC]
RewriteRule ^ http://waxxxed.com.au/tablet/ [L,R=301]
As for #2, you need to lookup user-agents for other tablets. In general, you want to find "android" but not "mobile":
RewriteCond %{HTTP_USER_AGENT} android [NC]
RewriteCond %{HTTP_USER_AGENT} !mobile [NC]
RewriteCond %{REQUEST_URI} !^/tablet/. [NC]
RewriteRule ^ http://waxxxed.com.au/tablet/ [L,R=301]
The rest of your htaccess file looks fine as long as it's doing what you expect, anything would be really nit-picky.

why does my ReWrite rule not rewrite?

I want to rewrite the urls like
site.com/eng?sentence=a-sentence
to be like:
site.com/eng/a-sentence
I only want the text shown in the brower url to change, I dont want a redirect.
RewriteCond %{THE_REQUEST} ^GET\s/+eng?sentence=([^/?&\s]+) [NC]
RewriteRule ^ /eng/%1 [NC,L,NE]
I have fiddled with it, comparing other rewrite rules i found for a long time, but just cant get it to work, And i really can't figure out why. I tried removing all other rewrite from my htaccess everytime i tested.
here is my htaccess file:
# Use PHP5.3 Single php.ini as default
AddHandler application/x-httpd-php54s .php
AddType application/x-httpd-php .htm .html
Options -Indexes -MultiViews
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php [L]
RewriteCond %{THE_REQUEST} ^GET\s/+eng?sentence=([^/?&\s]+) [NC]
RewriteRule ^ /eng/%1 [NC,L,NE]
<FilesMatch "\.(jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=604800, public"
</FilesMatch>
preferably, if you could fix my rule rather than write your own one that I won't likely understand, that would be great.
I only want the text shown in the browser url to change, I dont want a
redirect.
To change URL in browser you need external redirect using R flag.
Also ? is special regex symbol and to match a literal ? you need to escape it like \?. Also you would need a ? in the target URI's end to strip off query string.
Your complete .htaccess:
RewriteEngine On
# actual oneto pretty URL - external redirect
RewriteCond %{THE_REQUEST} \s/+eng\.php\?sentence=([^&\s]+) [NC]
RewriteRule ^ /eng/%1? [L,NE,R=302]
# pretty URL to actual one - internal rewrite
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^eng/([^/]+)/?$ /eng.php?sentence=$1 [L,QSA,NC]
# To internally forward /dir/foo to /dir/foo.php
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteRule ^(.+?)/?$ /$1.php [L]
I highly recommend you to read: Apache mod_rewrite Introduction

MODx & .htaccess issue

I have been trying to get FURLs working in MODx. Following resource covers this topic in details - http://rtfm.modx.com/display/revolution20/Using+Friendly+URLs. However once the changes to .htaccess are made, the site is no longer available. Here is my .htaccess file:
# Friendly URLs Part
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} .
# Force all pages to go to www.domain.com for SEO
RewriteCond %{HTTP_HOST} !^www\.dev\.domain\.co\.uk [NC]
RewriteRule (.*) http://www.dev.domain.co.uk/$1 [R=301,L]
# Friendly URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
# Additional Settings Follow
ExpiresActive On
ExpiresByType image/gif A2592000
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
BrowserMatch "MSIE" brokenvary=1
BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
BrowserMatch "Opera" !brokenvary
SetEnvIf brokenvary 1 force-no-vary
Any ideas what may be the issue?
Change .htaccess back to original - https://github.com/modxcms/revolution/blob/develop/ht.access
Try this Default htaccess file for modx
RewriteEngine On
RewriteBase /
#RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\.example.com [NC]
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
# Rewrite secure requests properly to prevent SSL cert warnings, e.g. prevent
# https://www.example.com when your cert only allows https://secure.example.com
#RewriteCond %{SERVER_PORT} !^443
#RewriteRule (.*) https://example.com/$1 [R=301,L]
# The Friendly URLs part
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
Check this for full htaccess file

Resources