Apache rewrite all URL's to https with www + a few exceptions - .htaccess

I've tried all the answers to similar stack questions and nothing has worked. I need to redirect all to https://www except for example.com/blogs/* and example.com/page-name.
I currently have this:
RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
RewriteCond %{http_host} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
which redirects everything except for https://example.com, it will NOT add the www.
You can see for yourself at https://moblized.com
RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,L]
RewriteCond %{http_host} ^moblized.com [NC]
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,L]
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} blogs
RewriteRule ^(.*)$ http://moblized.com/blogs/$1 [R,L]
# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
</IfModule>
# $Id: .htaccess,v 1.90.2.4 2009/12/07 12:00:40 goba Exp $
AddHandler php5-script .php
Thank you!

I hope I understood you correctly. You want:
redirect from example.com to www.example.com (except /blogs/ and /page-name)
redirect all pages to HTTPS (except /blogs/ and /page-name)
based on your current .htaccess under /page-name you mean /favicon.ico
Here are the rules for the above requirements -- put them into your .htaccess:
# activate rewrite engine
RewriteEngine On
# don't touch favicon.ico (always accept as is regardless of the domain or protocol)
RewriteRule ^favicon.ico$ - [L]
# don't touch /index.php (usually means already overwritten URL)
# otherwise we may enter into a loop
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^index\.php$ - [L]
# ensure trailing slash is present for /blogs -> /blogs/
RewriteRule ^blogs$ http://mobilized.com/blogs/ [R=301,QSA,L]
# /blogs/ should only be accessible via http://example.com/blogs/
RewriteCond %{HTTP_HOST} !^moblized\.com$ [NC]
RewriteRule ^blogs/(.*)$ http://mobilized.com/blogs/$1 [R=301,QSA,L]
RewriteCond %{HTTP_HOST} ^moblized\.com$ [NC]
RewriteCond %{HTTPS} =on
RewriteRule ^blogs/(.*)$ http://mobilized.com/blogs/$1 [R=301,QSA,L]
RewriteRule ^blogs/.* - [L]
# redirect to www.example.com if necessary
RewriteCond %{HTTP_HOST} ^moblized\.com$ [NC]
RewriteCond %{REQUEST_URI} !=/client-ipad-contest
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,QSA,L]
# redirect to HTTPS if not there already
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !=/client-ipad-contest
RewriteRule ^(.*)$ https://www.moblized.com/$1 [R=301,QSA,L]
# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?q=$1 [L,QSA]
BTW, browser most likely will show "Untrusted Certificate" warning if your customer go to https://example.com. This is because HTTPS session has to be fully established first before the request starts processing by Apache's rewrite module.
If that is problem -- then consider buying another SSL certificate (or from another vendor) which will cover both example.com and www.example.com (GoDaddy does this for sure) or get wildcard certificate which will cover all subdomains -- *.example.com (but this most likely will be much more expensive).
UPDATE: After simulating your requirements locally (sorry, I have no SSL with working Apache, so I have replaced it (in my testing) with different kind of rule/domain name) I have revised and updated the rules.
I've tested these rules locally (all pages are very simple, just include 1 image & css and a bit of text) -- everything looking good. Let me know if something does not work.

Related

301 redirect not working in .htaccess

I have two domains, autodromodifranciacorta.it and franciacortacircuit.com both pointing to the same website hosted on this IP address: 94.23.64.40.
Now i want all the content to be under one single domain, so i decided to 301 redirect all the traffic from franciacortacircuit.com to autodromodifranciacorta.it
Here is my .htaccess file:
# BEGIN WordPress
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
# Redirect Entire Site to New Domain
RewriteCond %{HTTP_HOST} ^franciacortacircuit\.com$ [NC]
RewriteCond %{HTTP_HOST} ^www\.autodromodifranciacorta\.it$ [NC]
RewriteRule ^(.*)$ http://autodromodifranciacorta.it/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
The redirect is not working and i have no clue why, because the syntax looks correct to me.
The .htaccess file is processed, because if i put a typo in it, i get server error.
Wha'ts wrong with it?
Your second http_host condition is wrong and it never matches if the current host is franciacortacircuit.com, You need to use an OR condition to match against 2 diffrent hosts.
#Redirect Entire Site to New Domain
RewriteCond %{HTTP_HOST} ^franciacortacircuit\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www\.autodromodifranciacorta\.it$ [NC]
RewriteRule ^(.*)$ http://autodromodifranciacorta.it/$1 [R=301,L]

Redirect a specifc but wild card * URL (with folder(s)) to new domain (same structure)

I need to redirect a specific URL (with structure) to a the same URL(s) using a new domain, but not other URLS.
domainA.com/company/careers*
domainB.com/company/careers*
The reason for this is a 3rd party vendor supplying a jquery based iframe app that perfoms a referrer check before loading.
I realize there is a bigger seo/duplicate content issue that needs to be addressed, but there is a lot of additional work that needs to happen before domainA.com is fully redirected to domainB.com so for now, Its only the "career" section.
The site is using IIS6 with HeliconTech's ISAP ReWrite3
http://www.helicontech.com/isapi_rewrite/doc/introduct.htm
Current Rules:
# Helicon ISAPI_Rewrite configuration file
# Version 3.1.0.59
<VirtualHost www.domainA.com www.domainB.com>
RewriteEngine On
#RewriteBase /
#RewriteRule ^pubs/(.+)\.pdf$ /404/?pub=$1.pdf [NC,R=301,L]
# Send away some bots
RewriteCond %{HTTP:User-Agent} (?:YodaoBot|Yeti|ZmEu|Morfeus\Scanner) [NC]
RewriteRule .? - [F]
# Ignore dirctories from FarCry Friendly URL processing
RewriteCond %{REQUEST_URI} !(^/measureone|^/blog|^/demo|^/_dev)($|/)
RewriteRule ^([a-zA-Z0-9\/\-\%:\[\]\{\}\|\;\<\>\?\,\*\!\#\#\$\ \(\)\^_`~]*)$ /index.cfm?furl=$1 [L,PT,QSA]
RewriteCond %{REQUEST_URI} ^/company/careers [NC]
RewriteRule ^company/careers/?(.*)$ http://www.domainname.com/company/careers/$1 [R=301,L]
# Allow CFFileServlet requests
RewriteCond %{REQUEST_URI} !(?i)^[\\/]CFFileServlet
RewriteBase /blog/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* /blog/index.php [L]
</VirtualHost>
<VirtualHost blog.domainA.com>
RewriteEngine On
#redirect old blog.domainA.com/* posts to www.domainB.com/blog/*
RewriteCond %{HTTP_HOST} ^blog.domainA\.com [nc]
RewriteRule (.*) http://www.domainB.com/blog$1 [R=301,L]
</VirtualHost>
It seems that "RewriteBase /blog/" line corrupts your "careers" rule as it implies that the request should be domainA.com/blog/company/careers*
Please consider having it like this:
<VirtualHost www.domainA.com www.domainB.com>
RewriteEngine On
RewriteBase /
#RewriteRule ^pubs/(.+)\.pdf$ /404/?pub=$1.pdf [NC,R=301,L]
# Send away some bots
RewriteCond %{HTTP:User-Agent} (?:YodaoBot|Yeti|ZmEu|Morfeus\Fucking\Scanner) [NC]
RewriteRule .? - [F]
# Ignore dirctories from FarCry Friendly URL processing
RewriteCond %{REQUEST_URI} !(^/measureone|^/blog|^/demo|^/_dev)($|/)
RewriteRule ^([a-zA-Z0-9\/\-\%:\[\]\{\}\|\;\<\>\?\,\*\!\#\#\$\ \(\)\^_`~]*)$ /index.cfm?furl=$1 [L,PT,QSA]
RewriteCond %{REQUEST_URI} ^/company/careers [NC]
RewriteRule ^company/careers/?(.*)$ http://www.domainname.com/company/careers/$1 [R=301,L]
# Allow CFFileServlet requests
RewriteCond %{REQUEST_URI} !(?i)^[\\/]CFFileServlet
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^blog/.* /blog/index.php [L]
</VirtualHost>
If you still have issues, enable logging in httpd.conf by putting
RewriteLogLevel 9
and check how your request is processed in rewrite.log.
Just check to see if the request starts with /company/careers
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/company/careers [NC]
RwriteRule ^company/careers/?(.*)$ http://domainB.com/company/careers/$1 [R=301,L]
See if that works for you.

Forcing HTTPS on expression engine redirect loop

I'm trying to force HTTPS using the .htaccess of a site running expression engine.
As of right now you are able to go to the site using https:// but when i add any of these rules it presents a redirect loop.
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
or
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
or
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://mydomain.com/$1 [R,L]
and also this fancy one
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule !/status https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
and I've also tried rearranging all the rules on each of them so I'm pretty sure it has something to do with the conditions matching when they shouldn't.
I've also read some things about load balancers redirecting things counter to the .htaccess
from here:
.htaccess redirect loop when trying to add forced HTTPS rule (Amazon Elastic Beanstalk) and here: https://serverfault.com/questions/283525/force-ssl-on-one-page-via-htaccess-without-looping
i think my client is using inmotion hosting but I don't have access to the load balancer settings so I want to make sure that is the problem.
here is the entire htaccess. I removed some of the default expression engine stuff, but it was also not working before I did that.
<IfModule mod_rewrite.c>
# Enable Rewrite Engine
# ------------------------------
RewriteEngine On
RewriteBase /
# RewriteCond %{HTTPS} off
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# RewriteCond %{HTTP:X-Forwarded-Proto} !https
# RewriteRule !/status https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
# Redirect index.php Requests
# ------------------------------
RewriteCond %{THE_REQUEST} ^[^/]*/index\.php [NC]
RewriteCond %{THE_REQUEST} ^GET
RewriteRule ^index\.php(.+) $1 [R=301,L]
# Standard ExpressionEngine Rewrite
# ------------------------------
RewriteCond $1 !\.(css|js|images|gif|jpe?g|png) [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
</IfModule>
(I have them disabled because the site is live)
You might be better off posting on the EE Stack Overflow site. Or have a search on it as there's a few answers relating to https and .htaccess
Here's a post I replied to previously with an answer you might want to try:
https://expressionengine.stackexchange.com/questions/7601/adding-a-htaccess-redirect-to-https-that-plays-nicely-with-existing-ee-htacces/7659#7659
If this condition didn't work:
RewriteCond %{SERVER_PORT} !^443$
Try this:
RewriteCond %{HTTPS} !=on
Instead of this one:
RewriteCond %{HTTPS} off
I've had the same situation and here's what just worked for me with an EE3 site:
#non-www to www
RewriteCond %{HTTP_HOST} !^www\.domainname\.co.uk$
RewriteRule (.*) https://www.domainname.co.uk/$1 [R=301,L]
# Force HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Removes index.php from ExpressionEngine URLs
RewriteCond %{THE_REQUEST} ^GET.*index\.php [NC]
RewriteCond %{REQUEST_URI} !/system/.* [NC]
RewriteRule (.*?)index\.php/*(.*) /$1$2 [R=301,NE,L]

multiple errors, not redirecting, apache2/htaccess

Here is my .htaccess file
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^domain\.com
RewriteRule ^(.*)$ http://www.domain.com$1 [R=301,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^. /archive/index.php [L]
going to domain.com will redirect me to www.domain.com
however, going to domain.com/2011/11/18/blog-title will show http://domain.com/var/htdocs/public_html/ instead in the browser URL.
My objective is any page at domain.com will redirect to www.domain.com
and wether I go to www.domain.com or domain.com /YYYY or /YYYY/MM or /YYYY/MM/DD will pass a PHP REQUEST_URI so I can get data from a MySQL database.
I originally copied the .htaccess file from WordPress but it doesn't seem to work properly since /var/htdocs/public_html appears in the browser URL bar.
This will do the trick:
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Or this if you want a specific domain:
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
The rules are from Drupal 7 and Drupal 6 respectively and have always worked well for me
EDIT
Looking at your code again I think the only problem is that you don't have a / between http://www.domain.com and $1. Other than that it's pretty much identical to the second example above which definitely works

Remove www site-wide, force https on certain directories and http on the rest?

Firstly, I would like to remove the www. from my domain name
http://www.example.com => http://example.com
I would also like for certain directories to be secure (https), while the rest remain http
http://example.com/login => https://example.com/login
Obviously it needs to work for all conditions, for example if someone types in:
http://www.example.com/login => https://example.com/login
Also when people navigate away from the login page it returns to http. Currently in the .htaccess is the following which is done automatically by the software I am using and I suppose needs to be there for it to work:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* ./index.php
Any ideas on how I can achieve dream control all these things?
Thanks in advance!
===================
#Gumbo Following your advice this is my complete .htaccess
RewriteEngine On
# remove www from host
RewriteCond %{HTTP_HOST} ^www\.(.+)
RewriteCond %{HTTPS}s/%1 ^(on(s)|offs)/(.+)
RewriteRule ^ http%2://%3%{REQUEST_URI} [L,R=301]
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteRule ^(login)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
RewriteRule !^(login)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* ./index.php
Options -Indexes
Navigating to http://example/login still goes to http://example/index.php when it should go to https://example/login Do I have the order wrong?
Try these rules:
# remove www from host
RewriteCond %{HTTP_HOST} ^www\.(.+)
RewriteCond %{HTTPS}s/%1 ^(on(s)|offs)/(.+)
RewriteRule ^ http%2://%3%{REQUEST_URI} [L,R=301]
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteRule ^(login|foo|bar|…)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
RewriteRule !^(login|foo|bar|…)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
You also might want to add some additional conditions to only change the protocol on GET and HEAD requests but not on POST requests.
This code works for me:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
remove www (tested):
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com$ [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]
redirect (not tested):
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{THE_REQUEST} \/login/?.*\ HTTP [NC]
RewriteRule ^(.*)$ https://yoursite.com/login [L,R=301]
After reading this all post time line i have get success for following error: My website(c4dprime.com) was attached https: in mozilla firefox browser. Google and internet explore are show domain address as http: (The real problem in firefox) I did not want https: for my domain in any browser because one unknow redirect attached with my domain by https: (Cause for this error)after Installing following plugins in wordpress,(Easy redirect for ssl).... I have told to every one do not use any low level plugins for wordpress.
Anyway! After reading many articles and tutorials at this topic via google search engine. Now i am happy to say i have solve this problem from this post tips. Remember one thing about me i am new to in this form and wordpress.
This tip is help full for me
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com$ [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]
After edit or some changes in my .htaccess file following code i have use now with solved this error.
AddHandler c4d-prime .com
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteBase /
RewriteRule ^$ http://www.c4dprime.com/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Resources