I've recently installed on my website a CloudFlare SSL Certificate.
However, when I am trying to force my website over HTTPS, I fail.
I firstly attempted to create a redirect from HTTP to HTTPS from my web host control panel (Hostinger), but apparently, you cannot create a redirect for the same website.
After this, I went to the .htaccess file and edited it, adding the following codes:
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} ^domain\.com$ [NC]
RewriteRule ^.*$ https://www.domain.com%{REQUEST_URI} [R,L]
Error: The broswer does not redirects me to load the domain over HTTPS.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
Error: In Google Chrome I get the following error screen:
This webpage has a redirect loop
ERR_TOO_MANY_REDIRECTS
In Opera, the web page does not load.
I tried to delete my Chrome's cache, but it still didn't work.
Any tips?
You can utilise CloudFlare's page rules. Login to your account, head over to page rules. Click "Create Page Rule".
type in your domain name in the following format: http://example.com/* and add the setting
Always use HTTPS
Then press save and wait 30 seconds.
Related
I currently have an .htaccess file that has been configured like so:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteCond %{HTTP_HOST} ^domain\.me$ [OR]
RewriteCond %{HTTP_HOST} ^www\.domain\.me$
RewriteRule ^(.*)$ "https\:\/\/www\.domain\.me\/$1" [R=301,L]
Using this method I have my unknown subdomains routing to the built in /cgi-sys/defaultwebpage.cgi but I would like it to reroute to a custom error page that I have made. For instance, if a user were to enter "notarealaddress.domain.me" it should then route them to a 404 page like "domain.me/404?page=notarealaddress". It is important to me that I maintain the query string in the 404 url because I have the 404 page dynamically change based on what they tried to reach. It is worth noting that it must still handle known subdomains, for instance if they user enters "arealaddress.domain.me" it should take them to the appropriate page still instead of the 404 page.
I'm fairly new to the web hosting management side of web development so I am at a loss of what to do at this point. I appreciate any help, thanks!
On my web I am using HTTPS connection and in my .htaccess I specified the redirect from http to https like this:
RewriteCond %{HTTP:HTTPS} !on [OR]
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) https://www.example.com/$1 [R=301,QSA,L]
This is working fine, so if someone enters the page with http, it will redirect to https.
But I want to exclude from this redirect one specific folder, let's say 'application'.
If I put it above the statement, the Rewriterule will redirect it. If I put it after, then the web is already redirected to https and I don't want to call redirect to http again.
So how can I exclude one folder?
The reason is, I have very often a TLS handshake taking more than 30 seconds on my web.
And the files in that application folders are API php files, which are only called from my mobile app, so they will never be shown in browser.
As there are serious connection issues from mobile app due to TLS problems, I want to call these files via http only to avoid TLS connection. I don't care about security in these files, however I want to keep the rest of my web with https.
Well, I think I found some solution. I used that folder as an exception via !application:
RewriteCond %{HTTPS} !on
RewriteCond %{THE_REQUEST} !application [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Still testing, but seems working fine. Hope I am doing it the right way.
I am trying enable SSL on every page in my web shop based on Prestashop 1.6.1.7. I turn on options in BO ("enable SSL" and "enable SSL protocol on every page") and now I cant access to my webshop by http:// protocol (I see white page), only https:// working.
I was trying force redirect in .htaccess but with no effect, it doesn't work:
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
or
RewriteCond %{HTTP_HOST} ^http://www.your_site.com
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R=301,L]
I disabled "enable SSL protocol on every page" option and now I can access to webshop by http://.
Additionally https:// works properly on order process and login/register page. But I would like https:// on every page.
I have enabled debug mode and there is no errors.
For me it was works solution for version 1.7.2.0 to add redirect from http to https
(1) Go to /classes/controller/FrontController.php
and set SSL connection flag to TRUE, right below
public $ssl = false; change to public $ssl = true;
(2) Then go to database and find PS_SSL_ENABLED parameter in __configuration table and change it value from "0" to "1"
To do not see "white page", enable Developer mode as described here: http://doc.prestashop.com/display/PS16/PrestaShop's+developer+tools
and change your question with the error that you see.
To enable HTTPS in all pages of your Prestashop website follow this
Find your .htaccess file (usually in the root folder)
open the file ---- >Find for "RewriteEngine on" if its off make it on
Under that write this below code
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$https://yoursitename.com/$1 [R,L]
Save and upload the file to respective directory
NOTE: Extra rewriteRule may be present under "RewriteEngine on" Ignore do not modify until you understand it fully.
Hope this helps mate !
If you are using Apache server, you can try the following code in your .htaccess file to fix the issue.
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Log in as Administrator in Prestashop at Domains
Enable SSL and SSL on all pages options under Configure > Shop Parameters > General
enter image description here
I have this Drupal project which inherited several domains, so I have:
www.domain1.com
www.domain1.co.uk
www.domain2.com
www.domain3.com
and I want to redirect all these domain to www.newdomain.com and also want to redirect all requests to https to http as well as redirect all the domains above without www to www.newdomain.com and have tried a few things but it didn't work.
Here's what I've tried:
RewriteCond %{HTTP_HOST} !^www\.newdomain\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/?(.*) http://www.newdomain.com/$1 [L,R,NE]
But with the above, all old domains (domain1.com, domain2.com, etc) gets redirected to www.newdomain.com, however when I hit https://domain1.com for example (it happens with all domains above using http), it shows a blank page. When I hit https://www.domain1.com it shows a warning from using a self signed certificate - meaning it doesn't redirect to http.
I've read on a page somewhere that I should delete these lines from htaccess:
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
But when I did, even the basic redirect that happens now (for instance, from www.domain1.com to www.newdomain.com stops working.
What am I missing here?
Thanks in advance
If https protocol always shows blank page, maybe there is distinct folder for it on your FTP ("httpsdocs" or something like that).
Also you should check your hosting provider's help page for more information about the https protocol and SSL certificate configurations.
I've got a site (example.com) and a blog (externalblog.com) which is hosted externally and reverse-proxied using ISAPI rewrite. So if you go to www.example.com/blog you're actually on externalblog.com, but the URL is masked.
I've got this working with a number of sites, but the issue is when the parent site uses HTTPS, whereas the blog is only HTTP. When visitors attempt to follow old links, the blog posts will show normally under the https version of the url, but the stylesheets are all broken and a "no certificate" warning is shown.
I need an htaccess rule that will do 2 things:
Forward anyone attempting to access an https version of a blog post only (ie anything within www.example.com/blog) to the http version instead.
Forward anyone attempting to visit example.com/blog (without the www) to http://www.example.com/blog instead of the https version, which it currently does.
However I've like the rules to only affect www.example.com/blog and nothing else on example.com. My current rule for ISAPI rewrite on example.com is as follows:
RewriteRule ^blog(.+)$ http://www.externalblog.com$1 [R=301,L]
This works correctly and is based on an article online called "using reverse proxying to pull a wordpress blog into your domain" – I can't add any more links here due to not having enough reputation.
Any help would be much appreciated.
EDIT: I tried the following
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} ^[A-Z]+\s/blog [NC]
RewriteRule ^blog(.+)$ http://www.externalblog.com$1 [R=301,L]
This works as far as rewriting https to http – but reverse proxy URL masking no longer kicks in.
Your explanation is rather unclear, so sorry if my answer will be unrelated. I suppose you are trying to force everything under www.example.com/blog to be HTTPS, instead of HTTP? Then try this rule:
RewriteEngine On
# HTTP to HTTPS redirect rule
RewriteCond %{HTTPS} off [NC]
RewriteCond %{HTTP:Host} ^www\.example\.com$ [NC]
RewriteRule ^(blog/.*)$ https://www.example.com/$1 [NC, R=301, L]
# No www. to www. redirect rule
RewriteCond %{HTTP:Host} ^example\.com$ [NC]
RewriteRule ^(blog/.*)$ https://www.example.com/$1 [NC, R=301, L]
# Your proxy rule goes here, I suppose it looks like:
RewriteRule ^blog(/.*)$ http://www.externalblog.com$1 [NC, P]