I have hosted opencart website on subdomain beta.mydomain.com with ssl cirtificate installed.
I want to force https and www . when someone types beta.example.com should take them to https://www.beta.example.com
I tired following .htaccess entries
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.example.com\.com$ [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
RewriteBase /
I dont understand whats going wrong here. thanks in advance.
Well, the domain you're using in your example is not beta.example.com it's example.com you should change it to the domain you require. Something like:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.beta\.example\.com$ [NC]
RewriteRule ^(.*)$ https://www.beta.example.com/$1 [L,R=301]
RewriteBase /
What do you use the RewriteBase for?
I personally like to use the following process:
Redirect to www
Redirect to https
Something like:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301,NC]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
In case you haven't already checked it, this GitHub Repository has some useful info on .htaccess.
The easiest way is to update your config.php file in your home directory.
I don't have it in front of me, but you'd want to change your HTTP and HTTPS url to "https://www.beta.example.com".
for htaccess
RewriteEngine On
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^ https://www.yoursite.com%{REQUEST_URI} [NS,R,L]
alternative htaccess code
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
for php redirect
Open index.php file
find
<?php
add after
if (substr($_SERVER['HTTP_HOST'], 0, 4) === 'www.') {
header('Location: http'.(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on' ? 's':'').'://' . substr($_SERVER['HTTP_HOST'], 4).$_SERVER['REQUEST_URI']);
exit;
}
I have this in my .htaccess file:
RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule (.*) http://www.example.com$1 [R=301,L]
but whenever I access a file on my root like http://example.com/robots.txt it will redirect to http://www.example.comrobots.txt/.
How can I correct this so that it will redirect correctly to http://www.example.com/robots.txt?
Change your configuration to this (add a slash):
RewriteCond %{HTTP_HOST} ^example.com$ [NC]
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
Or the solution outlined below (proposed by #absiddiqueLive) will work for any domain:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
If you need to support http and https and preserve the protocol choice try the following:
RewriteRule ^login\$ https://www.%{HTTP_HOST}/login [R=301,L]
Where you replace login with checkout.php or whatever URL you need to support HTTPS on.
I'd argue this is a bad idea though. For the reasoning please read this answer.
Here's the correct solution which supports https and http:
# Redirect to www
RewriteCond %{HTTP_HOST} ^[^.]+\.[^.]+$
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
UPD.: for domains like .co.uk, replace
RewriteCond %{HTTP_HOST} ^[^.]+\.[^.]+$
with
RewriteCond %{HTTP_HOST} ^[^.]+\.[^.]+\.[^.]+$
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
For Https
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^(.*)$ http%1://www.%{HTTP_HOST}/$1 [R=301,L]
The following example works on both ssl and non-ssl and is much faster as you use just one rule to manage http and https
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTPS}s on(s)|offs()
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R]
[Tested]
This will redirect
http
http://example.com
to
http://www.example.com
https
https://example.com
to
https://www.example.com
Try this, I used it in many websites, it works perfectly
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} ^bewebdeveloper.com$
RewriteRule ^(.*) http://www.bewebdeveloper.com/$1 [QSA,L,R=301]
I have tested all the above solutions but not working for me, i have tried to remove the http:// and won't redirect also removed the www it redirect well, so i get confused, specially i am running all my sites under https://
So i have combined some codes together and came up with perfect solution for both http:// and https:// and www and non-www.
# HTTPS forced
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
# Redirect to www
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
Hope this can help someone :)
Add the following code in .htaccess file.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
URLs redirect tutorial can be found from here - Redirect non-www to www & HTTP to HTTPS using .htaccess file
This configuration worked for me in bitnami wordpress with SSL configured :
Added the below under "RewriteEngine On" in file /opt/bitnami/apps/wordpress/conf/httpd-app.conf
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteBase /
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.domain\.com [NC]
RewriteRule (.*) http://www.domain.com/$1 [L,R=301]
This will redirect your domain which is not started with WWW
It is not redirect your all sub domain.
It is useful.
I believe the top answer successfully redirects non-www to www (ex: mysite.com -> www.mysite.com), but doesn't take into account wildcard subdomains, which results in:
random.mysite.com -> www.random.mysite.com
Here's a solution with/without HTTPS
HTTP
RewriteEngine On
RewriteCond %{HTTP_HOST} !www.mysite.com$ [NC]
RewriteRule ^(.*)$ http%{ENV:protossl}://www.mysite.com/$1 [L,R=301]
HTTP/HTTPS
RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ - [env=protocol:https]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ - [env=protocol:http]
RewriteCond %{HTTP_HOST} !www.mysite.com$ [NC]
RewriteRule ^(.*)$ %{ENV:protocol}://www.mysite.com/$1 [L,R=301]
*note: I haven't tested https because I don't currently have a cert to test, but if someone can verify or optimize what I have that would be awesome.
Two warnings
Avoid 301 and prefer modern 303 or 307 response status codes.
Avoid 301
Think carefully if you really need the permanent redirect indicated as [R=301] because if you decide to change it later, then the previous visitors of the page will continue to see the page of the original redirection.
The permanent redirection information is frequently stored in the browser's cache and, in general, it is difficult to eliminate (reload the page do not solve the problem). Your website visitors will be stuck in the previous redirect "forever".
Avoid 302 too
The new version of the HTTP protocol (v1.1) added two new response status codes that can be used instead of 302.
303 URL redirection but demanding to change the type of request to
GET.
307 URL Redirection but demanding to keep the type of request as initially sent.
You can still use the code 302 (non-permanent redirection) although it is considered ambiguous. In any case, most browsers implement 302 in the same way the new 303 code instructs.
If possible, add this to the main Apache configuration file. It is a lighter-weight solution, less processing required.
<VirtualHost 64.65.66.67>
ServerName example.com
Redirect permanent / http://www.example.com/
</VirtualHost>
<VirtualHost 64.65.66.67>
ServerAdmin me#example.com
ServerName www.example.com
DocumentRoot /var/www/example
.
.
. etc
So, the separate VirtualHost for "example.com" captures those requests and then permanently redirects them to your main VirtualHost. So there's no REGEX parsing with every request, and your client browsers will cache the redirect so they'll never (or rarely) request the "wrong" url again, saving you on server load.
Note, the trailing slash in Redirect permanent / http://www.example.com/.
Without it, a redirect from example.com/asdf would redirect to http://www.example.comasdf instead of http://www.example.com/asdf.
Write in .htaccess :)
## Redirect from non-www to www (remove the two lines below to enable)
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
Can anyone please help me to stop https redirect for a particular url, htacces is being used by multiple parked domain so i am using https for my primary domain only eg.("www.domain.com") Please find my current .htaccess
#ssl
RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.domain.com/$1 [L,R=301]
I want below url to not redirect on https
https://www.domain.com/setup/abc/{ID}
https://www.domain.com/setup/abc
etc..
basically i want urls not to redirect which are including /setup/.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^((?!^setup/).*)$ https://www.domain.com/$1 [L,R=301]
That should do the trick.
I’m trying to redirect an https://www.domain.ext to a plain https://domain.ext, but just can’t get it to work; this is where I’m right now:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^https\:\/\/www\.cadenanoticias\.mx$
RewriteRule ^/?$ "https\:\/\/cadenanoticias\.mx" [R=301,L]
Allso tried
RewriteEngine on
RewriteCond %{HTTP_HOST} *!^https\://www*.cadenanoticias\.mx [NC]
RewriteRule (.*) https://cadenanoticias.mx/$1 [L,R=301]
And not working see: https:www.cadenanoticias.mx
Any idea on why it’s not working?
UPDATE FIX
Got it to work as follows:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.cadenanoticias\.mx$ [NC]
RewriteRule ^(.*)$ https://cadenanoticias.mx/$1 [R=301,L]
RewriteCond %{HTTPS_HOST} ^www\.cadenanoticias\.mx$ [NC]
RewriteRule .? https://%1%{REQUEST_URI} [R=301,L]
Hope it helps someone else.
%{HTTP_HOST} does not match against protocol. Use
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.cadenanoticias\.mx$ [NC]
RewriteRule ^(.*)$ https://cadenanoticias.mx/$1 [R=301,L]
EDIT :
No, bypassing the SSL certificate validation is not possible. The SSL handshake precedes htaccess rules for security reasons. If this was possible, a hacker could hijack a SSL connection to an insecure one without really needing a valid certificate.
There's no solution for this other than buying a cheaper certificate just to do handshake and redirect.
Currently using the following to make sure my website always is using www. How would I modify this to be www and https?
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Tried this, but ended up with www.www.website if the user had no https but did already have a www
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Not sure how to combine the two
Make us of {SERVER_PORT} to see if the request is made via regular connection (80), then redirect to the https URL.
This should do it:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Here are some nice example, using different methods.