Disable .htaccess rule to a specific directory - .htaccess

I have a Rule in My base folder .htaccess file. The rule will automatically redirect http:// to https://. But for a specific folder or URL I need to access through http://
RewriteRule ^(.*)$ https:/%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
For example My website will be like https://<>/power/a/1
But I need to access some URL without https://
expected http://localhost/admin/rest_api/api_methods/


You need to implement an "exception rule" in form of a condition for the RewriteRule:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/webservices/access
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


RewriteEngine on
RewriteBase /
RewriteRule ^$ app/webroot/ [L]
RewriteRule (.*) app/webroot/$1 [L]
# Turn SSL on for /user/login
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/admin/rest_api
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
# Turn SSL off everything but /user/login
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/admin/rest_api
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]


This should work:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/webservices/access
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
It will redirect everything but the /webservices/access folder (or any other links in that folder like /webservices/access/login.php) to https

Related

Exclude one URL from HTTPS redirect

I want to exclude:
http://domain.com/index.php?route=payment/redsys/callback
This is what I have in .htacess
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
that convert all url to https, how can I exclude the url to be converted to https?
thanks

Try using this, just replace directory with the folder directory that you want to stop beocming HTTPs.
RewriteEngine On
#Turns HTTPs on for everything, excluding directory
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} !^\/directory\/
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]
#Turns HTTP on for directory
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} \/directory\/
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]

htaccess - redirect all pages except checkout to HTTP non-SSL

I'm trying to redirect all traffic to HTTP unless it is our checkout process, in which case I'm trying to redirect it to HTTPS.
I have a Rackspace Cloud Sites setup however the below does not appear to be working. Is there something that I am doing incorrect in the below?
Thanks!
# Use PHP5 Single php.ini as default
AddHandler application/x-httpd-php5s .php
RewriteEngine On
RewriteBase /
#redirect to www
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
#redirect all https traffic to http, unless it is pointed at checkout
RewriteCond %{HTTP:X-Forwarded-SSL} on
RewriteCond %{REQUEST_URI} !^/checkout/?.*$
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
#redirect all http traffic to https, if it is pointed at /checkout
RewriteCond %{HTTP:X-Forwarded-SSL} off
RewriteCond %{REQUEST_URI} ^/checkout/?.*$
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
#Force NON-SSL on a non-checkout directories
RewriteCond %{ENV:HTTPS} on [NC]
RewriteCond %{REQUEST_URI} !^/DIRECTORY/?.*$
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]
#Force SSL on a specific directory
RewriteCond %{ENV:HTTPS} !on [NC]
RewriteRule ^DIRECTORY/(.*)$ https://www.example.com/DIRECTORY/$1 [R,L]

Another way:
RewriteCond %{HTTPS} !=on
# change user|cart|admin to folders you want SSL on.
RewriteRule ^/?(user|cart|admin) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} !=off
# change content|category to folders you want SSL off.
RewriteRule ^/?(content|category) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Use this
#redirect all http traffic to https, if it is pointed at /checkout
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_URI} checkout|login
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

A simple mod re-write rule doesnt work with htaccess

I want the user to be redirected whenever he reaches my subdomain
Here is what is inside my htaccess:
RewriteEngine On
RewriteRule ^http://smale.deals.com/(.*) http://traual.deals.com/$1 [R=301,L]
RewriteRule ^http://deals.com/smale/(.*) http://deals.com/traual/$1 [R=301,L]
But no redirect happens. why?
I also have got this in my root htaccess:
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} (Android|iPhone|iPod|Blackberry) [NC]
RewriteCond %{REQUEST_URI} !^/mobile [NC]
RewriteRule ^(.*)/?$ mobile/$1 [L]

You cannot include the protocol and domain in RewriteRule. Those need to be accounted for in RewriteCond:
RewriteEngine On
# Rewrite requests to smale.deals.com to traual.deals.com
RewriteCond %{HTTP_HOST} ^smale\.deals\.com$ [NC]
RewriteRule (.*) http://traual.deals.com/$1 [R=301,L]
# For deals.com...
RewriteCond %{HTTP_HOST} ^deals\.com$ [NC]
# Rewrite requests to smale/ to deals.com/traual/
RewriteRule ^smale/(.*) http://deals.com/traual/$1 [R=301,L]

.htaccess redirect subfolder to HTTPS

I'm trying to write a RewriteRule for my .htaccess file. Specifically, whenever a user accesses a specific subdirectory, I would like it to Rewrite to force an HTTPS connection.
For example, whenever someone accesses: http://www.mydomain.com/subdirectory (and any other sub-directories of that "subdirectory").
I'd like it to rewrite to https://www.mydomain.com/subdirectory
I've tried the following, but it appears to create a loop:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.mydomain.com/subdirectory/$1 [R=301,L]
Also, this .htaccess file is placed in the root of my domain.
Any ideas on how to modify my RewriteRule?
Many Thanks!

I would put this into the domain's root directory:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(subdirectory/.*)$ https://www.mydomain.com/$1 [R=301,L]

This work for me, this allow you to redirect to https a specific folder, just add an htaccess file inside of the folder with the following content:
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Ahh, its a combo of the two. MonoMano - you've omitted the subdirectory in the first part of the RewriteRule, therefore directing ALL traffic to the HTTPS subdomain address. I found that checking for 'off' was more reliable than checking for !=on, dont ask me why!
You'd want to add the subdirectory back in as per Floern's response, see below:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(subdirectory/.*)$ https://www.mydomain.com/subdirectory/$1 [R=301,L]

Add the lines given below to .htaccess file of that subdirectory:
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.domain.com/subdirectory/$1 [L,R=301]

Use this if you don't want the address bar to show the subfolder. It will redirect yourdomain.com to yourdomain.com/subfolder but will look like you are still on yourdomain.com
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?yourprimarydomain.com$
RewriteCond %{REQUEST_URI} !^/subfolder/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /subfolder/$1
RewriteCond %{HTTP_HOST} ^(www.)?yourmaindomain.com$
RewriteRule ^(/)?$ subfolder/index.php [L]

Try This
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

This will remove www prefix , and force https:
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\. [OR,NC]
RewriteCond %{HTTPS} off
RewriteRule ^ https://example.com%{REQUEST_URI} [NE,R=301,L]
RewriteRule ^((?!subdirectory/).*)$ /subdirectory/$1 [L]
Change example.com for you main domain and subdirectory for Sub Directory

Try
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.mydomain.com/subdirectory/$1 [R=301,L]

Generic htaccess redirect www to non-www

I would like to redirect www.example.com to example.com. The following htaccess code makes this happen:
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
But, is there a way to do this in a generic fashion without hardcoding the domain name?

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
Same as Michael's except this one works :P

But if we need to do this for separate http and https:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

Redirect non-www to www (both: http + https)
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

If you want to do this in the httpd.conf file, you can do it without mod_rewrite (and apparently it's better for performance).
<VirtualHost *>
ServerName www.example.com
Redirect 301 / http://example.com/
</VirtualHost>
I got that answer here: https://serverfault.com/questions/120488/redirect-url-within-apache-virtualhost/120507#120507

Here are the rules to redirect a www URL to no-www:
#########################
# redirect www to no-www
#########################
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^(.*) http://%1/$1 [R=301,NE,L]
Here are the rules to redirect a no-www URL to www:
#########################
# redirect no-www to www
#########################
RewriteCond %{HTTP_HOST} ^(?!www\.)(.+) [NC]
RewriteRule ^(.*) http://www.%1/$1 [R=301,NE,L]
Note that I used NE flag to prevent apache from escaping the query string. Without this flag, apache will change the requested URL http://www.example.com/?foo%20bar to http://www.example.com/?foo%2250bar

RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^/(.*)$ https://%1/$1 [R]
The RewriteCond captures everything in the HTTP_HOST variable after the www. and saves it in %1.
The RewriteRule captures the URL without the leading / and saves it in $1.

Try this:
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^(.*)$ %{HTTP_HOST}$1 [C]
RewriteRule ^www\.(.*)$ http://$1 [L,R=301]
If the host starts with www, we stick the whole host onto the start of the URL, then take off the "www."

Complete Generic WWW handler, http/https
I didn't see a complete answer. I use this to handle WWW inclusion.
Generic. Doesn't require domain info.
Forces WWW on primary domain: www.domain.com
Removes WWW on subdomains: sub.domain.com
Preserves HTTP/HTTPS status.
Allows individual cookies for domain / sub-domains
Please let me know how this works or if I left a loophole.
RewriteEngine On
RewriteBase /
# Force WWW. when no subdomain in host
RewriteCond %{HTTP_HOST} ^[^.]+\.[^.]+$ [NC]
RewriteCond %{HTTPS}s ^on(s)|off [NC]
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Remove WWW. when subdomain(s) in host
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|off [NC]
RewriteCond http%1://%{HTTP_HOST} ^(https?://)(www\.)(.+\.)(.+\.)(.+)$ [NC]
RewriteRule ^ %1%3%4%5%{REQUEST_URI} [R=301,L]

There can be a lot of misinformation out there about htaccess redirects, I find. First off, make sure your site is running on Unix using Apache and not on a Windows host if you expect this code to work.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
(Make sure there are no line spaces between each line of text, though; I have added an extra space between lines so it renders okay in this window.)
This is one snippet of code that can be used to direct the www version of your site to the http:// version. There are other similar codes that can be used, too.

RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/subfolder/$1 [R=301,L]
For subfolder

www to non www with https
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

For those that need to able to access the entire site WITHOUT the 'www' prefix.
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http%{ENV:protossl}://%1%{REQUEST_URI} [L,R=301]
Mare sure you add this to the following file
/site/location/.htaccess

Using .htaccess to Redirect to www or non-www:
Simply put the following lines of code into your main, root .htaccess file.
In both cases, just change out domain.com to your own hostname.
Redirect to www
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain\.tld [NC]
RewriteRule ^(.*)$ http://www.domain.tld/$1 [L,R=301]
</IfModule>
Redirect to non-www
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.domain\.tld [NC]
RewriteRule ^(.*)$ http://domain.tld/$1 [L,R=301]
</IfModule>

I used the above rule to fwd www to no www and it works fine for the homepage, however on the internal pages they are forwarding to /index.php
I found this other rule in my .htaccess file which is causing this but not sure what to do about it. Any suggestions would be great:
############################################
## always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]

RewriteEngine on
# if host value starts with "www."
RewriteCond %{HTTP_HOST} ^www\.
# redirect the request to "non-www"
RewriteRule ^ http://example.com%{REQUEST_URI} [NE,L,R]
If you want to remove www on both http and https , use the following :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.
RewriteCond %{HTTPS}s ^on(s)|offs
RewriteRule ^ http%1://example.com%{REQUEST_URI} [NE,L,R]
This redirects
Non ssl
http://www.example.com
to
http://example.com
And
SSL
https://www.example.com
to
https://example.com
on apache 2.4.* you can accomplish this using a Redirect with if directive,
<if "%{HTTP_HOST} =='www.example.com'">
Redirect / http://example.com/
</if>

use: Javascript / jQuery
// similar behavior as an HTTP redirect
window.location.replace("http://www.stackoverflow.com");
// similar behavior as clicking on a link
window.location.href = "http://stackoverflow.com";
Or .htaccess:
RewriteEngine On
RewriteBase /
Rewritecond %{HTTP_HOST} ^www\.yoursite\.com$ [NC]
RewriteRule ^(.*)$ https://yoursite.com/$1 [R=301,L]
and The PHP method:
$protocol = (#$_SERVER["HTTPS"] == "on") ? "https://" : "http://";
if (substr($_SERVER['HTTP_HOST'], 0, 4) !== 'www.') {
header('Location: '.$protocol.'www.'.$_SERVER ['HTTP_HOST'].'/'.$_SERVER['REQUEST_URI']);
exit;
}
Ajax
$.ajax({
type: "POST",
url: reqUrl,
data: reqBody,
dataType: "json",
success: function(data, textStatus) {
if (data.redirect) {
// data.redirect contains the string URL to redirect to
window.location.href = data.redirect;
}
else {
// data.form contains the HTML for the replacement form
$("#myform").replaceWith(data.form);
}
}
});

The only way I got it to work...
RewriteEngine On
RewriteCond %{HTTP_HOST} ^site\.ro
RewriteRule (.*) http://www.site.ro/$1 [R=301,L]

If you are forcing www. in url or forcing ssl prototcol, then try to use possible variations in htaccess file, such as:
RewriteEngine On
RewriteBase /
### Force WWW ###
RewriteCond %{HTTP_HOST} ^example\.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
## Force SSL ###
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
## Block IP's ###
Order Deny,Allow
Deny from 256.251.0.139
Deny from 199.127.0.259

This is updated to work on Apache 2.4:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
The only change vs Michael's is to remove the [NC], which produces the "AH00665" error:
NoCase option for non-regex pattern '-f' is not supported and will be ignored

The selected answer and many other solutions here dropped the the part of the url after /, so basically it always redirected to main domain, at least for me.. So i am adding working sample respecting full path after slash..
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1%{REQUEST_URI} [L,R=301]

Alternative approach if .htaccess customization is not ideal option:
I've created simple redirect server for public use. Just add A or CNAME record:
CNAME r.simpleredirect.net
A 89.221.218.22
More info: https://simpleredirect.net

I am not sure why u want to remove www.
But reverse version would be:
# non-www.* -> www.*, if subdomain exist, wont work
RewriteCond %{HTTP_HOST} ^whattimein\.com
RewriteRule ^(.*)$ http://www.whattimein.com/$1 [R=permanent,L]
And advantage of this script is:
if u have something like test.whattimein.com or any other (enviroments for developing/testing)
it wont redirect U to the original enviroment.

Added if localhost, ignore redirection (for development purpose in local environment). If not localhost AND (not https OR it’s www), redirect to https and non-www.
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !localhost [NC]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

Add
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.(.*)$
RewriteRule ^(.*)$ http://%1/$1 [L,R=301]
to your .htaccess before any other rule.

Hi you can use following rules on your htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

Resources