i use Prestashop and force https for all url.
I need to add script with this url:
src="//c.imedia.cz/js/retargeting.js"
i need url keep like this in html.
but htaccess seems change it to
src="https://c.imedia.cz/js/retargeting.js"
which doesn't work then.
i tried to add Rewrite rule to prevent override this url
RewriteRule retargeting\.js$ - [L,NC]
Any solution please?
htaccess does not change the src in your HTML. The browser will replace // with the protocol that is used in the request. i.e. https. It's commonly referred to as protocol relative URL.
More info in this answer about that
So if you don't want it to use https then you should explicitly set it as http. That will however cause mixed content when served over https and modern browsers will probably block it. So if you force https then ALL your resources have to be https as well or it will be blocked and not loaded even using http.
So then you should get a wildcard SSL certificate for your subdomains so that your resources can be served as https as well.
Related
A website that I manage was currently turned via cpanel to redirect at https. Unfortunately a single site/folder/program works only in http and not in https (idk why).
Is there any rewrite rule that will force this site to load in http only?
The whole thing is made like this:
https://example.com --> HTTPS (ok and desired to be in https)
http://example.com/NastyWebApp --> HTTP (doesn't work in https)
What I need, is to force the NastyWebApp to load in http only.
Perhaps not the ideal solution, but a solution that will do the job, via Javascript:
<HTML><HEAD><title>Nasty Web App</title></HEAD>
<body><SCRIPT LANGUAGE="JavaScript">(window.location.replace("http://stackoverflow.com/nastywebapp.php"));
I have a Drupal 7 site that has been working fine for years. I want to force all requests to be treated as https, so this is in .htaccess:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
It's hosted on an AWS Lightsail server. We just added an AWS load balancer to the mix, and now, when I make an http request to the server, the page is loading, but all the requests for js and css files are treated as http requests. I've restarted the server, flushed browser, even rebooted my Mac. The only other change was the DNS now points to the load balancer. I don't know what effect the load balancer has on this, if any. When I view source of another server running a different Drupal site, I see the URLs for css and js are all https. Shouldn't Drupal be rewriting the requests to https on the broken server too?
the page is loading, but all the requests for js and css files are treated as http requests.
It sounds like you may have put the redirect directives in the wrong place. If you put them near the end of the .htaccess file, specifically after the front-controller (Drupal directives) then any requests for static resources (eg. JS and CSS files) will not be redirected.
This redirect needs to go near the top of the .htaccess, before any existing rewrites.
When I view source of another server running a different Drupal site, I see the URLs for css and js are all https.
However, you do need to actually change the URLs in the HTML source to point directly to HTTPS, otherwise, you are going to get a lot of mixed content warnings when viewing the page itself over HTTPS and the resources will fail to load. Simply implementing a "redirect" will not resolve this.
I am setting up a link which should open another website. For example, if a browser is opening up www.foobar2.com, it should open www.foobar.com without changing the URL. I found out that it can be done using .htaccess file. Currently, if I open, www.foobar2.com, it redirects to www.foobar.com but the URL also changes to www.foobar.com. But I want that URL should not change. What do I need to do?
I tried this which isn't working -
RewriteCond %{HTTP_HOST} ^www.foobar2.com
RewriteRule ^(.*) http://www.foobar.com [P]
Please help me with this.
Thanks :)
Since the http host the request is sent to is always that shown in the URL (for obviousl reasons) you need to implement a proxy feature, this cannot be done using pure rewriting or redirecting.
The apache http server offers a proxy module for this, it can be either used standalone or integrated into the rewriting module. However you want to use it you need to take care that the module is actually loaded first. It consists of two submodules, the core proxy module and the proxy_http module in this case.
Now you can implement a ProxyPass directive for the URL you want to fetch from the other host:
ProxyRequests off
ProxyPass / https://www.foobar.com
ProxyPassReverse / https://www.foobar.com
(yes, that is an off in the first line above)
This rule needs to be implemented in the http host www.foobar2.com. It will make an internal sub request to www.foobar.com for each incoming request (since it masks the root (/) and deliver the response it receives back to the originally requesting client.
If I have a user follow a link to my site such as
mydomain.com/pdf/google_token
is there a way for me to redirect them to the Google pdf
drive.google.com/file/d/google_token/view
while keeping
mydomain.com/pdf/google_token
in the address bar?
Right now I am redirecting to google successfully using
RewriteRule ^pdf/([a-zA-Z0-9]+)$ https://drive.google.com/file/d/$1/view
in my .htaccess file, but it is replacing the URL with
drive.google.com/file/d/google_token/view
Thanks.
You are not looking for a way to redirect. A redirection always changes the URL in the client, that is the whole purpose of a redirection. What you are looking for is a proxy solution, maybe in conbination with an internal rewrite. That creates a kind of mapping: the content published on that google resource is re-published through your http host.
This would be an example for such setup:
ProxyPass /google-drive/ https://drive.google.com/
ProxyPassReverse /google-drive/ https://drive.google.com/
RewriteEngine on
RewriteRule ^/?pdf/([a-zA-Z0-9]+)$ /google-drive/file/d/$1/view [END]
An alternative would be to only re-publish a section of that remote resource:
ProxyPass /google-drive/ https://drive.google.com/file/d/
ProxyPassReverse /google-drive/ https://drive.google.com/file/d/
RewriteEngine on
RewriteRule ^/?pdf/([a-zA-Z0-9]+)$ /google-drive/$1/view [END]
That set will work likewise in the http servers host configuration and you probably can also get it to work using a dynamic configuration file (".htaccess" style file). If you really need to use such a file then take care that its interpretation is enabled in the host configiration. And you definitely need to have apache's proxy module loaded. You should prefer to place such rule in the http servers host configuration though, for various reasons.
If that setup is not possible, for example because you do not have access to the proxy module, then you can implement a simple routing solution which fetches the PDF in background using for example php's cURL extension and forwarding the payload along with correct http headers to the client that sent a request to that PDF. That is usually done for resources kept locally but there is no reason why you can't do that with remote resources too.
Some additional notes:
if you only deliver documents form that google drive resource, then you probably do not need the ProxyPassReverse directive, but only the ProxyPass.
if you run into a server internal error (http status 500) using the above setup then chances are that you operate a very old version of the apache http server. You will find a hint on an unsupported END flag in your http servers error log file in that case. Try using the [L] flag in that case, it probably will work the same here, but that depends on the rest of your setup.
Is it possible to force SSL with Cloudflare except specified URL pattern? for example: example.com/* forced to use SSL, but example.com/iframe use HTTP only, not HTTPS.
If you are using Automatic HTTPS Rewrites within CloudFlare's Crypto section, yes. Create a Page Rule for example.com/iframe* where Automatic HTTPS Rewrites is off. See attached image for the Page Rule setting:
But you might be redirecting with Microsoft IIS or Apache. In that case, you must make the distinction there.