Mod Rewrite not redirecting as expected - .htaccess

I have rewrite rule to redirect to www and rewrite rules to redirect to ssl. This is my desired setup and everything works perfectly except when I add this new condition:
RewriteCond %{REQUEST_URI} !^/new-review?.* [NC]
If that condition is true I do not want the ssl redirect to happen. The problem I am seeing is that when I do this the entire url redirects to https://www.example.com/index.php?query=string
The normal behavior even for every other page works just fine. the URI stays the same but index.php is run. Here is my htaccess file below:
Options +FollowSymLinks -Indexes
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(?!www\.).*$ [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_URI} !^/new-review?.* [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
My expected behavior is someone types in the url http://www.example.com/new-review?query=string and this page runs the code on index.php without switching the users uri to index.php. I just can't figure out why the last rewrite rule:
RewriteRule . index.php
follows expected behavior for everything except that one condition. All I want is for this one page to work as a non-ssl page but still run via index.php.

Important trick is to use THE_REQUEST variable instead of REQUEST_URI in your condition. THE_REQUEST variable represents original request received by Apache from your browser and it doesn't get overwritten after execution of some rewrite rules.
So you can use:
Options +FollowSymLinks -Indexes
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(?!www\.).*$ [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{THE_REQUEST} !^\s/new-review [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]

The rewrite engine will loop until the URI stops changing. What happens when you request /new-review is it doesn't match any of the redirect rules, then it matches the last rule and it gets applied, thus /new-review is rewritten to /index.php. Now, the rewrite engine loops, and the new URI is applied. This time, your second rule matches the URI (/index.php) and thus gets redirected. If you don't want index.php to get redirected, then you need to either prevent all looping, or add a passthrough:
Options +FollowSymLinks -Indexes
RewriteEngine On
RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule ^ - [L]
RewriteCond %{HTTP_HOST} ^(?!www\.).*$ [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_URI} !^/new-review?.* [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
or
Options +FollowSymLinks -Indexes
RewriteEngine On
RewriteRule ^(index\.php)?$ - [L]
RewriteCond %{HTTP_HOST} ^(?!www\.).*$ [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_URI} !^/new-review?.* [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php

Related

Redirect non-www to www. equivalent but allow one REQUEST_URI regex match?

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{REQUEST_URI} !^.+?games/.+?\.jpg$ [NC] #if does not match then proceed with redirect...
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
RewriteRule ^.+?games/(.+?)\.jpg$ index.php?g=$1 [L] #will only get to this point if not starting with www.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L]
Above code does not work, what am I doing wrong?
Problem is your use of REQUEST_URI variable that changes to /index.php due to your last rule and when mod_rewrite runs again your first rule happily adds www in the URL.
You should use THE_REQUEST variable, THE_REQUEST variable represents original request received by Apache from your browser and it doesn't get overwritten after execution of some rewrite rules.
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{THE_REQUEST} !games/.+?\.jpg [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
RewriteRule ^.+?games/(.+?)\.jpg$ index.php?g=$1 [L,QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L]

website proper redirecting via .htaccess

I searched about .htaccess redirecting address after first symbol / but I can't get it working.
.htaccess file is like this one:
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/?(.*)$ /index.php?route=/$1 [L,QSA]
RewriteCond %{HTTP_HOST} ^OldDomain [NC]
RewriteRule ^blog/(.*)$ NewDomain/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www.OldDomain [NC]
RewriteRule ^blog/(.*)$ http://www.NewDomain/$1 [R=301,L]
When I test it with the domain
www.OldDomain.com/catalog
its redirects to
www.NewDomain.eucatalog
which does not have the slash symbol "/".
How can I make the redirect keep the slash symbol?
This may be unrelated, but you need your redirect rules (the last 2) to come before your routing rule. It's possible your router (index.php) is redirecting incorrectly:
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTP_HOST} ^OldDomain [NC]
RewriteRule ^blog/(.*)$ NewDomain/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www.OldDomain [NC]
RewriteRule ^blog/(.*)$ http://www.NewDomain/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/?(.*)$ /index.php?route=/$1 [L,QSA]

Excluding specific pages from HTTPS in mod_rewrite

I am trying to setup a codeigniter app to force HTTPS across all pages except one. However, I cannot get the rules to only redirect if the user is not on the page in question.
The page that should be excluded has the following URL's:
http://mydomain.com/kpi/reports/67
http://mydomain.com/kpi/reports/67/overview/2013-02-01/2013-02-28
http://mydomain.com/index.php?/kpi/reports/67
http://mydomain.com/index.php?/kpi/reports/67/overview/2013-02-01/2013-02-28
The number 67 and the dates can all change in the URL's above hence the user of regular expressions below.
I have tested the regular expressions and they seem to match the URL's fine. However, the htaccess just seems to redirect it to https:// anyway.
My .htaccess file is as follows...
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#Disallow access to system dir
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#Disallow access to application dir
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#Force https when not on overview report
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/index\.php\?/kpi/reports/?([0-9]+)$
RewriteCond %{REQUEST_URI} !^/index\.php\?/kpi/reports/?([0-9]+)/overview/?([0-9]+)-?([0-9]+)-?([0-9]+)/?([0-9]+)-?([0-9]+)-?([0-9]+)$
RewriteCond %{REQUEST_URI} !^/kpi/reports/?([0-9]+)$
RewriteCond %{REQUEST_URI} !^/kpi/reports/?([0-9]+)/overview/?([0-9]+)-?([0-9]+)-?([0-9]+)/?([0-9]+)-?([0-9]+)-?([0-9]+)$
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=302,L]
#If not a valid file, redirect request through index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
Any help would be greatly appreciated!
Maybe this will do what you need:
#Force https when not on overview report
RewriteCond %{HTTPS} off
RewriteCond %{QUERY_STRING} !kpi/reports/[0-9]+/?$ [NC]
RewriteCond %{QUERY_STRING} !kpi/reports/[0-9]+/overview/[^/]+/[^/]+/? [NC]
RewriteCond %{REQUEST_URI} !kpi/reports/[0-9]+/?$ [NC]
RewriteCond %{REQUEST_URI} !kpi/reports/[0-9]+/overview/[^/]+/[^/]+/? [NC]
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=302,L]
#If not a valid file, redirect request through index.php
Replace all lines between the comments.

htaccess rewritecond and rewrite rule not working properly

I'm trying to redirect all /admin calls into subdomain with this two lines in .htaccess:
RewriteCond %{REQUEST_URI} ^admin [NC]
RewriteRule ^(.*)/$ http://admin\.somedomain\.com/$1/ [R,L]
Well, nothing happens. It just ignores the redirect rule and shows content of /admin directory.
Just for reference (and to skip requests to paste my entire .htaccess file), here it is:
Options +FollowSymlinks -Indexes
RewriteEngine on
Redirect 404 /favicon.ico
RewriteCond %{REQUEST_URI} ^admin [NC]
RewriteRule ^(.*)/$ http://admin\.somedomain\.com/$1/ [R,L]
# Send all admin. traffic to /admin
RewriteCond %{HTTP_HOST} ^admin\. [NC]
RewriteRule ^(.*)$ /admin/$1 [L]
# Check for www. and add it
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} !^admin\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R,L]
# Add trailing slash if not found
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !favicon.ico
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ /$1/ [R,L]
# Process virtual links/directories
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !favicon.ico
RewriteRule ^(.*)$ index.php/?$1 [QSA,L]
RewriteCond %(HTTP_HOST} !^admin\.somedomain\.com$
RewriteCond %{REQUEST_URI} ^/admin [NC]
RewriteRule ^(.*)$ http://admin.somedomain.com$1 [R,L]
You were missing a leading slash on your RewriteCond match. With the assumption that admin.somedomain.com may be in the same configuration as the other domain, I also added a check to ensure the rule isn't applied if the domain is already admin.somedomain.com. In the RewriteRule, I made a couple of minor modifications: You aren't matching on the right side, so you don't need to escape the dots.
There are some issues with your remaining rules as well. This won't work, for example:
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1
You can't use server variables on that side of the rule.

https in htaccess and order of rules (using Expression Engine)

I'm building a site in expression engine that part of needs to be https. The site is also using a new domain name (new one www.example-new.com the old one www.example.old.com).
I want to do the following things:
remove the index.php
force www
force https for any url starting www.example.old.com/extranet
redirect https URLs that are not www.example.old.com/extranet (e.g. www.example.old.com/news to http
I have the following code so far that works for the first two requirements:
<IfModule mod_rewrite.c>
RewriteEngine On
# Force www
RewriteCond %{HTTP_HOST} ^example-new.com$ [NC]
RewriteRule ^(.*)$ http://www.example-new.com/$1 [R=301,L]
# Removes index.php
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
</IfModule>
AddType x-httpd-php53 .php
I seem to be going round in circles, so I've two questions that will help me write the other rewrites (although feel free to share suggestions...):
1) Should the code for requirements 3 and 4 be positioned before "removes index.php" code?
2) Does the position have any bearing on the redirects that will be coming from the old site e.g. www.example-old.com/some-link-here.asp will be redirected to www.example-new.com/some-new-link-here
Thanks,
Gregor
1) Remove 'index.php' from ExpressionEngine URLs
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
2) Add 'www' to all URIs
RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
3) Force https:// for any URI starting with /extranet
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/extranet(.*)$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}$1 [R=301,L]
4) Redirect https:// URIs that are not /extranet
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/extranet(.*)$ [NC]
RewriteRule . http://%{HTTP_HOST}%{REQUEST_URI}$1 [R=301,L]
Putting it all together, here's your complete set of RewriteRules:
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/extranet(.*)$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/extranet(.*)$ [NC]
RewriteRule . http://%{HTTP_HOST}%{REQUEST_URI}$1 [R=301,L]
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
</IfModule>
1) Should the code for requirements 3 and 4 be positioned before "removes index.php" code?
The rules are processed in the order that you write them. I expect that you want the site to redirect first then do the remove index, so yes, it should go before
2) Does the position have any bearing on the redirects that will be coming from the old site e.g. www.example-old.com/some-link-here.asp will be redirected to www.example-new.com/some-new-link-here
If you are using the same directory for both sites, then you would need to prefix all rules for one site with a RewriteCond that limits the domain. Otherwise, order of the rules (old vs new site) is important.
Your redirects from the old site should also incorporate rules in the new e.g. ensure that you are going to http/s as necessary to avoid extra redirects.
Below is the code to force http/s
#if not secure
RewriteCond %{HTTPS} off
#and starts with /extranet
RewriteCond %{REQUEST_URI} ^/extranet [NC]
#redirect to secure
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#if secure
RewriteCond %{HTTPS} on
#and does not start with /extranet
RewriteCond %{REQUEST_URI} !^/extranet [NC]
#redirect to http
RewriteRule . http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force www on hostname, but keep same protocol (http/https)
RewriteCond %{HTTP_HOST} !^www\.(.+)
RewriteCond %{HTTPS}s ^(on(s)|offs)
RewriteRule ^ http%2://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
If it helps... I just did this yesterday for an ecommerce site... Here's my .htaccess file
# Remove WWW from URL
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
# Add a trailing slash to paths without an extension
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteCond %{REQUEST_METHOD} !=POST
RewriteRule ^(.*)$ $1/ [L,R=301]
#remove index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1
#Force HTTPS on checkout/account pages
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (checkout|account)
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
#remove HTTPS on all other pages
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(img|_|images|checkout|account)
RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

Resources