I have to enforce https everytime when the sign-in site-node is loading.
For example http://www.mysite.com/sign-in should always be enforced to https.
I tried multiple versions but none of them worked. It's the first time when I am using .htaccess
here is what i tried:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} sign-in
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI}/$1 [R,L]
You shouldn't use %{REQUEST_URI} and $1 together in rewritten URL.
You can try this code:
RewriteCond %{HTTPS} off
RewriteRule sign-in https://%{HTTP_HOST}%{REQUEST_URI} [L,NC,R=301]
I solved it with :
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{REQUEST_URI} /sign-in
RewriteRule !(.*)lbping(.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
Related
I want to remove secure http only for a certain url:
https://www.example.com/car-sharing.html
supposed to redirect to
http://www.example.com/car-sharing.html
I tried several .htaccess directives, for example
RewriteCond %{HTTPS} on
RewriteCond $1 ^(car-sharing\.html)
RewriteRule (.*) http://%{HTTP_HOST}%$1 [R=301,L]
or
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} car-sharing.html
RewriteRule ^(.*)$ http://www.example.com/%{REQUEST_URI} [R=301,L]
but I can't get it to work, the redirect from https to http never happens. Any help is much appreciated.
%{REQUEST_URI} includes the leading slash, so this should work:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/car-sharing.html
RewriteRule ^ http://www.example.com%{REQUEST_URI} [R=301,L,QSA]
I know this question has been asked and answered many times but I've spent the last 3 hours going through peoples answers and none have seemed to work just right for me.
I need some .htaccess code to do this:
If domain is example.co.uk/$urlData (only apply to main domain and no subdomains) rewrite too www.example.co.uk/$urlData
If HTTPS is not "on" and domain is primary (ie. no subdomains) then redirect to https://www.example.co.uk/$urlData.
I have to use RewriteCond %{HTTP:X-Forwarded-Proto} !https to test if HTTPS is off as RewriteCond %{HTTPS} off is not configured on my server.
Add this to your .htaccess:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.co\.uk$ [NC]
RewriteRule (.*) https://www.example.co.uk/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.example\.co\uk$ [NC]
RewriteCond %{HTTP:X-Forwarded-Proto} !=https
RewriteRule (.*) https://www.example.co.uk/$1 [R=301,L]
Give this a try and see if this will work for you.
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*) https://www.example.com/$1 [R=301,L]
So the problem I am currently having is that our entire website is indexed using https. we want to redirect to http using .htaccess. the problem is that we need a couple of URIs to still use https and I am not sure how to write the exception for URIs
I know the below example would work if our site functioned like this www.example.com/account.php but our site urls are like www.example.com/index.php?l=account
# Turn SSL on for account
RewriteCond %{HTTPS} off
RewriteCond %{SCRIPT_FILENAME} \/account\.php [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
how can i fix this, any guidance would be appreciated.
thanks
EDIT!
So this code below I have working but I would like to make one more exception that I cant seem to get to work, I also want the root (index.php) to only use http.
I tried using...
RewriteCond %{REQUEST_URI} !^/index.php
but this did not work
# invoke rewrite engine
RewriteEngine On
RewriteBase /
RewriteCond %{https} off
RewriteCond %{QUERY_STRING} !^l=product_detail
RewriteCond %{QUERY_STRING} !^l=product_list
RewriteCond %{QUERY_STRING} !^l=page_view
RewriteRule ^(.*)$ https://%{HTTP_HOST}/development/$1 [R=301,L]
thanks
Try
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/account.php
RewriteCond %{QUERY_STRING} !^l=account
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/account.php [OR]
RewriteCond %{QUERY_STRING} ^l=account
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
I have a very simple question that for some reason I cannot figure out, and hours of searching has not helped either. Using an .htaccess file, how can I redirect just /login.php and /index.php to https, and then redirect any other page to just http? I currently use this code to redirect to https, but it redirects every page:
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*) https://www.ruxim.com/$1 [R]
thank you very much.
The %{SERVER_PORT} variable depends on the UseCanonicalPhysicalPort in your config. If it's not setup, then you may not be able to match against that variable, easier to use %{HTTPS} instead.
RewriteCond %{HTTPS} off
RewriteRule ^/?(login|index)\.php https://www.ruxim.com%{REQUEST_URI} [L,R]
RewriteCond %{HTTPS} on
RewriteRule !^/?(login|index)\.php http://www.ruxim.com%{REQUEST_URI} [L,R]
If you don't need the redirect to non-https, then you don't need the second rule.
Try something like this;
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{REQUEST_FILENAME} =index.php [OR]
RewriteCond %{REQUEST_FILENAME} =login.php
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
I'm note 100% sure if the [OR] will comply suddenly in the middle.
Please apply following conditions to secure only /login.php and /index.php pages. Other pages will be work on HTTP path (non-secure pages).
RewriteEngine On
RewriteBase /
# force https for /login.php and /index.php
RewriteCond %{HTTPS} =off
RewriteRule ^(index|login)\.php$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# don't do anything for images/css/js (leave protocol as is)
RewriteRule \.(gif|jpe?g|png|css|js)$ - [NC,L]
# force http for all other URLs
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^/(index|login)\.php$
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I'm using .htaccess to force https on certain pages and http on other pages and it's working fine. But I need to force http on home page (example: http://website.com) and I don't know how to do that. I tried RewriteCond %{REQUEST_URI} ^/index.php/? but as I'm using drupal that didn't work.
This is the script I'm using:
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} ^/register/? [OR]
RewriteCond %{REQUEST_URI} ^/admin/?
RewriteRule ^(.*)$ https://website.com/$1 [R,L]
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} ^/about-us/? [OR]
RewriteCond %{REQUEST_URI} ^/help/?
RewriteRule ^(.*)$ http://website.com/$1 [R,L]
Any help is appreciated
First, instead of RewriteCond %{SERVER_PORT}, you can use RewriteCond %{HTTPS}, which should be more reliable in detecting HTTPS.
The homepage has the RewriteRule pattern ^$. So the rule would be
RewriteCond %{HTTPS} =on
RewriteRule ^$ http://website.com [R,L]
When everything works as you expect, you can change R to R=301.