mod_rewrite http to https ends up in loop - .htaccess

I've got the problem that I want to redirect my HTTP requests to a HTTPS using a shared SSL certificate. For some stupid reason of my host I have to attach the SSL Port on the request url.
Basically I want to redirect this:
http://sub.domain.com
to
https://sub.domain.com:12345
my .htaccess looks like this:
RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://%{HTTP_HOST}:12345%{REQUEST_URI} [L,R]
By this results in a redirect loop. I have no idea why though. Is this maybe because I use a shared SSL certificate which is not made for the domain and therefore the RewriteCond is always off?
thanks in advance!
EDIT:
I've checked the response header and saw that the location field still points to the non https url. But if I use another domain (or even a subdomain) it works. So why doesn't work the redirect to the same domain?

Try changing your condition to:
RewriteCond %{SERVER_PORT} 12345

Related

.htaccess redirect http to https and redirect main page visitor to another page

I know this has been asked several times, but I have checked a lot of the other answers and still couldn't solve my problem.
Let's assume my website is example.com
I want to redirect all http address to https, and also redirect all example.com visitors to example.com/main
This is what I tried:
RewriteEngine On
RewriteRule ^(.*)$ https://www.example.com/main/$1 [R,L]
It sort of works, but there are some issues.
If I type www.example.com/main or example.com/main it goes to the http site, instead of the https. Why is that?
Also, if I type example.com/works/01 it becomes https://www.example.com/main/works/01. It adds an extra 'main' folder in.
How to fix this problem?
You need to check if the request is comming from http URL scheme and then redirect that request to a secure connection
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/main/$1 [R,L]

How to use Drupal's htaccess to redirect from https to http

I have this Drupal project which inherited several domains, so I have:
www.domain1.com
www.domain1.co.uk
www.domain2.com
www.domain3.com
and I want to redirect all these domain to www.newdomain.com and also want to redirect all requests to https to http as well as redirect all the domains above without www to www.newdomain.com and have tried a few things but it didn't work.
Here's what I've tried:
RewriteCond %{HTTP_HOST} !^www\.newdomain\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/?(.*) http://www.newdomain.com/$1 [L,R,NE]
But with the above, all old domains (domain1.com, domain2.com, etc) gets redirected to www.newdomain.com, however when I hit https://domain1.com for example (it happens with all domains above using http), it shows a blank page. When I hit https://www.domain1.com it shows a warning from using a self signed certificate - meaning it doesn't redirect to http.
I've read on a page somewhere that I should delete these lines from htaccess:
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
But when I did, even the basic redirect that happens now (for instance, from www.domain1.com to www.newdomain.com stops working.
What am I missing here?
Thanks in advance
If https protocol always shows blank page, maybe there is distinct folder for it on your FTP ("httpsdocs" or something like that).
Also you should check your hosting provider's help page for more information about the https protocol and SSL certificate configurations.

htaccess redirect primary domain http to https w/out redirect of domains on shared host

I have searched the site and thought I may have found code I could use for my issue, but it did not work.
I want to redirect my primary domain http to https (also including any form of url typed www. without www., http://www, http://, and even just the domain name without www or http before it), while Also not effecting my other domain that is sharing the same hosting within my primary directory (as the SSL I have only used for primary domain, but not used on other domains).
At current, I had code to make the redirect for my primary to https, but it would then make my other domain on same hosting account, also redirect to https.
Then I found code to not effect the other domain and not to redirect to https, but then it effected my primary domain to NOT redirect to https either, it would only redirect to https if with www. or http but would not redirect without the www.
This has been very frustrating because I am VERY new to attempting this type of code, so I don't have a clue what I am doing and could surely use the help. My Godaddy hosting would not help but give link to basic redirect code which does not help for other domains sharing hosting, nor did it work for typing domain without www etc. I hope this made sense.
Thank you in advance.
EDITED possible FIX:
Ok, my code might look a bit wonky and I'm sure it may need cleaning up and possible repetitive stuff removed, but this is what I just patched together from other code offerings I've found on this site, along with others I've found elsewhere and I think it might be working. I'm sure there is a cleaner way to format this, but at current it seems to be working.
# redirect http to https Domain
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www.yoursite.com [OR,NC]
RewriteCond %{HTTP_HOST} yoursite.com
RewriteRule (.*) https://yoursite.com/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www.yoursite.com [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]
# redirect to http subdomain
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^((?!www).+\.yoursite\.com)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]

htaccess with wildcard SSL

We have a Wildcard SSL Certificate that is supposed to work on any subdomain of a given domain.
So in this server we have this file structure:
/home/DOMAIN/public_html/subdomainx
/home/DOMAIN/public_html/subdomainy
etc...
Now, the Certificate is installed, but when you visit any subdomain over https (example: hxxps://subdomainx.domain.com ) it points to
/home/DOMAIN/public_html/index.php
We need that when you visit a subdomain via https
hxxps://subdomainx.domain.com
That it points to the the same directory that it's http equivalent:
/home/DOMAIN/public_html/subdomainx
Our provider tells us that this is not possible, that the current behaviour is correct, and that we should do some htaccess to achieve this.
I've tried a few things, incluiding this solution, that seems to be what I need: Advice on Configuring .HTaccess file to Redirect HTTP Subdomain to HTTPS Equivalent
But can't get it to work.
Any tips?
Thanks.
You don't want the [R] flag in your rewrite rule, or the hostname in the target. You want to rewrite the URI so that a "subdomainx" is prepended to it. Something along the lines of:
RewriteEngine On
# We don't want the main domain or www
RewriteCond %{HTTP_HOST} ^((?!www).*)\.domain.com$ [NC]
# Make sure that if we rewrite, the destination actually exists (to prevent loops and properly return 404's)
RewriteCond %{DOCUMENT_ROOT}/%1%{REQUEST_URI} -f [OR]
RewriteCond %{DOCUMENT_ROOT}/%1%{REQUEST_URI} -d
# rewrite
RewriteRule ^(.*)$ /%1/$1 [L]
Note that the %{DOCUMENT_ROOT}/%1%{REQUEST_URI} checks have to be made so that proper 404's get returned without information disclosure. This makes it so when you request for http://test.domain.com/badfile.html, the 404 message says "/badfile.html" is not found, instead of "/test/badfile.html" is not found.

Why do my forms break when using an .htaccess redirect?

During development, I used subdomain.domain.com and everything worked.
Moving to live, the files are under www, but I wanted to use domain.com, and that's making certain functionalities not work as follows.
I got a dedicated SSL certificate for domain.com, so I have this in my htaccess, and my SSL works fine:
# Redirect www.domain.com to domain.com
RewriteCond %{HTTP_HOST} ^www.domain.com [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [L,R=301]
However for some reason that breaks some other functionality where a form gets reposted and I can't figure out why. But if I change htaccess to this:
# Redirect domain.com to www.domain.com
RewriteCond %{HTTP_HOST} ^domain.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]
then the broken functionality works, but the SSL doesn't.
Before I go invest in an SSL for www.domain.com, I wanted to check with the experts here to see if there is something simple I can do to my htaccess file to make both scenarios work.
Many thanks in advance!
A visible 301 redirect is losing its POST data. From RFC 2616:
If the 301 status code is received in
response to a request other than GET
or HEAD, the user agent MUST NOT
automatically redirect the request
unless it can be confirmed by the
user, since this might change the
conditions under which the request was
issued.
So, you have to fix the forms, not the .htaccess.

Resources