I have a certain sub-domain which requires an SSL connection for all pages on that subdomain.
This is my current .htaccess script:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
I have a single page on the subdomain which must not have SSL access (causes issues with accessing files on another server without a certificate).
My mod_rewrite knowledge is very limited. I've done a search but can't find what I need.
My question is, the page which must not have https is called 'tutorial.php'. Is there a way to redirect all pages except tutorial.php to https?
I guess in pseudo-code, the RewriteCond would be similar to:
RewriteCond %{SERVER_PORT} 80 AND {WEB_PAGE}!='tutorial.php'
Thanks
Try this:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !/tutorial\.php
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
RewriteCond %{HTTPS} on
RewriteRule ^tutorial\.php$ http://%{HTTP_HOST}/tutorial.php [R,L]
Related
This is what I'm using right now to redirect all traffic to https:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I would like to have this configuration but exclude one particular folder. The reason I'm doing this is that I have installed an add-on domain on the current hosting account and while the main domain has an SSL certificate installed, the one that I have recently added doesn't.
Adding the addon domain creates a folder inside the root folder of the primary domains and because I'm redirecting all traffic through the htaccess configuration, it also tries to access the https version of the new addon domain.
You can exclude a folder using a RewriteCond:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !/someFolder/ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
You need to add a condition into it, so use this instead:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/foldername
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Clear your cache before testing this.
If I read your question correctly, you would like to redirect all traffic that hits your site to https://, except for a single folder, right?
If that's the case, this should work:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/<folder-name>/
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Just replace with the name of the folder you want to exclude.
This is driving me bananas. For some reason my domain will not work to redirect https-WWW to https-non-WWW. This works with every other permutation except https://www.nextoronto.com
What code do I use in the .htaccess that will allow it to work for all permutations?
Edit: This is the rewrite code now:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.nextoronto\.com [NC]
RewriteRule ^(.*)$ https://nextoronto.com/$1 [L,R=301]
It looks sound, perhaps that rule isn't being reached due to other rules in front of it?
Here is what I use that works:
# Force SSL
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://nextoronto.com/$1 [R=301,L]
# Redirect www to non-www
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^(.*)$ https://nextoronto.com/$1 [R=301,L]
# My other rewrites for routing all requests to index.php go here...
Edit the URL and try with this code:
RewriteEngine on
rewritecond %{http_host} ^www\.example\.com [nc]
rewriteCond %{SERVER_PORT} 80
rewriterule ^(.*)$ https://example.com/$1 [r=301,nc]
Step 1
You should make .htaccess file like this
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?url=$1
Step 2
Go to the directory, then view mark the option file extension. Then see the .htaccess file.
When no rewrite works, no matter what you do, consider what happened to me. IIS or WAMP, on my laptop, redirected all calls to my domain (call it example.com) to localhost. So creating all the rewrites on my example.com server were to no avail because no calls to example.com ever made it out of my computer. Just do a "ping example.com" and if you get an IP of 127.0.0.1, edit your HOSTS file.
I have a multiple addon domains on my hosting account. I would like to redirect non-https to https for the main domain AND ONLY ONE of the addon domains.
The problem I am experiencing is www.firstaddondomain.com is not redirecting to https://www.firstaddondomain.com. Instead it does not appear to be redirecting at all. It stays at www.firstaddondomain.com.
Note: I do not want to redirect all http to https. I have another addon domain that I do not want redirected to https.
Here is what my .htaccess file looks like:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?maindomain\.com$ [NC]
RewriteRule ^$ https://www.maindomain.com/$1 [R,L]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?firstaddondomain\.com$ [NC]
RewriteRule ^$ https://www.firstaddondomain.com/$1 [R,L]
UPDATE:
Thanks for your answer, anubhava. My first addon domain is actually a .org domain, so my updated .htaccess file is slightly different from your answer.
Here is my updated .htaccess file
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?firstaddondomain\.org$ [NC]
RewriteRule ^ https://www.firstaddondomain.org%{REQUEST_URI} [R=302,L,NE]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?maindomain\.com$ [NC]
RewriteRule ^ https://www.maindomain.com%{REQUEST_URI} [R=302,L,NE]
Your regex isn't capturing $1
Both rules can be combined into one
You can use:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(maindomain|firstaddondomain)\.com$ [NC]
RewriteRule ^ https://www.%1.com%{REQUEST_URI} [R=302,L,NE]
Make sure this rule is your very first rule and placed in DocumentRoot/.htaccess of both domains.
May vary depending on your hosting conditions, however in Godaddy shared hosting environments & withOUT a Wildcard SSL, ie- a single domain SSL cert., This is the only config that managed to exclude an add-on domain from a force HTTPS redirect:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?ADDON_DOMAIN\.com$ [NC]
RewriteRule .* - [L]# This is essential in order to ensure no further conditions are applied after navigating to the add-on domain #
RewriteCond %{HTTPS} off# Now that you've defined your exclusion AND made certain its logic is independent from all other URI Requests, Must re-establish this condition once more #
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I currently use the following code for my htaccess file. It redirects to https://www.example.com
#if not forum.example.com and not ssl then redirect
RewriteCond %{HTTP_HOST} !^forum\.
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R,L]
#redirect if https://forum.example.com
RewriteCond %{HTTP_HOST} ^forum\.
RewriteCond %{SERVER_PORT} 443
RewriteRule ^(.*)$ http://forum.%{HTTP_HOST}/$1 [R,L]
The problem I have is when I go to
http://www.example.com
, this code makes it redirect to
https://www.www.example.com
instead of
https://www.example.com.
Anyone know how I can fix this?
If you require additional information to assist, just let me know.
The first rewrite rule is executed if 2 negative conditions are met: Not forum and not SSL, but the rewrite inserts www always, even when it is already in the URL. It is not previously checked.
I think the best way to correct the problem without modifying the actual rules, except removing the www from the first substitution, is by adding another rule at the begining, like this:
#non-www to www
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com/?$
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
#if not forum.example.com and not ssl then redirect
RewriteCond %{HTTP_HOST} !^forum\.
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
#redirect if https://forum.example.com
RewriteCond %{HTTP_HOST} ^forum\.
RewriteCond %{SERVER_PORT} 443
RewriteRule ^(.*)$ http://forum.%{HTTP_HOST}/$1 [R,L]
What the added rule does, is to rewrite any URL without www to one with www. The resulting URL is then presented to the other rules.
I don't know if these 2 last rules work as intended, I guess they do. I am just trying to solve the www duplication issue in the question.
Hope this helps.
I have an application that requires SSL in a folder called "secure".
So within the "secure" folder of my site in the .htaccess file I'm using the following code to force https:// on that section of the site:
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} secure
RewriteRule ^(.*)$ https://domain.com/secure/$1 [R,L]
How could I modify this so that domain.com/secure/pay/callback would be able to use regular http://
Thank you.
Just add an exclusion
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} secure
RewriteCond %{REQUEST_URI} !/secure/pay/callback
RewriteRule ^(.*)$ https://domain.com/secure/$1 [R,L]
That's a pretty specific case, though; is that enough?