I have an SSL certificate for the 'www' subdomain of a web site we'll call example.com.
Therefore I can force SSL, but if the user doesn't enter 'www.example.com' into their browser, the SSL certificate appears invalid.
I wish to accomplish this with mod_rewrite rules in an .htaccess file at the root of the web site.
No matter what URI the user enters, (e.g. example.com, www.example.com, https://example.com, example.com/folder/file.html, etc.), I want to force the HTTPS and the www subdomain, keeping whatever URI they provided, of course.
I was playing around with the .htaccess file and some rules, as I've already done some research, but I don't have much experience with mod_rewrite or .htaccess. I think I found the SVN revision that almost worked for me, but not quite. Here it is:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{HTTP_HOST} ^example.com [nc]
RewriteRule ^(.*)$ https://www.example.com/$1 [r=301,nc]
Try not to laugh too hard at my file; it is mostly derived from examples I found online.
Any pointers are appreciated! =)
Try this:
RewriteCond %{HTTPS} !on [OR]
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301]
Related
I have a website that with a domain example.info. Recently I acquired two new domains: example.com and example.org.
I had a SSL certificate on example.info, and I was redirecting all http to https like this:
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Now I want example.com to be the main url and the other two I just want to redirect to example.com.
I changed the SSL certificate from the .info to the .com and everything is good but my problem is that for example Google links me from the https://example.info and now it is failing because that url doesn't have the SSL certificate anymore. So what I want to do is to redirect https://example.info to https://example.com.
I have tried different things, but this is one of the solutions that didn't work.
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^(www\.)?example\.info$
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^(www\.)?example\.info$
RewriteRule ^ https://example\.com [L,R=301]
What am I doing wrong? How can I achieve to redirect https://example.info to https://example.com and keep the redirection to https for example.com?
//// EDIT
If I can't redirect https://example.info because I don't have a valid certificate anymore, how do I prevent that when I write http://example.info it gets redirected to https?
I think the best you can do is this:
RewriteCond %{HTTP_HOST} ^(www\.)?example\.(info|org)$
RewriteRule ^ https://example\.com%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I have an issue that came out after I have successfully transferred my website from a server to another (it's always the same url). Basically I have a forums created with xenforo that can be reached at https://forums.mywebsite.com.
Of course you can log in with your account and save username/password in the browser if needed. The problem is the following:
With https://forums.mywebsite.com you are still logged
With http://forums.mywebsite.com you have to login every time
With www.forums.mywebsite.com you have to login every time
I guess that there is an issue with the cookies, because the cookies for the https work while the others not. My idea was to redirect every single url to an https url; so:
With https://forums.mywebsite.com > no changes
With http://forums.mywebsite.com > https://forums.mywebsite.com
With www.forums.mywebsite.com > https://forums.mywebsite.com
I really need this and telling users to use only https is not a great solution because there always be someone that uses http or www. My idea was this:
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.forums.mywebsite.com%{REQUEST_URI} [R=301,L]
Anyway when I type www.forums.mywebsite.com I still don't get a redirect to https://forums.mywebsite.com. Do I have to change any config file?
I am editing this .htaccess that can be found at the root of the system as you can see here (taken from WinSCP).
On my Xenforo board I require the same thing, redirect everything to https://example.com without www.
This is what I use:
#Redirect www and http
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
Never had a problem with it like this.
My host automatically sets up subdomains for all our hosted websites. So that zzz-thewebsite.myhosting.com is the same files as www.thewebsite.com ...
Unfortunately, somehow google has indexed the subdomains and now I probably have duplicate content.
I'd like to remove the subdomains from the index. I'm not sure the best way to do it.
I was thinking a .htaccess file that redirects zzz-thewebsite.myhosting.com to www.thewebsite.com would probably do the trick. Of course, there are subfolders involved as well.
Is there an elegant solution for this? I suppose a robots.txt might also do it but that will be in the both the zzz-thewebsite.myhosting.com and www.thewebsite.com "sites" since they are the same physical folder on the hosting.
Thank you.
Ben's answer below works great for me on non https sites but is not working for an https site. What I am using is this:
#attempt to redirect subdomain
RewriteCond %{HTTP_HOST} ^thewebsite-zzz.myhosting.com$ [NC]
RewriteRule ^(.*)$ https://www.thewebsite.com%{REQUEST_URI} [R=301,NC,L,QSA]
#https only
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#www only
RewriteCond %{HTTP_HOST} ^thewebsite.com [NC]
RewriteRule ^(.*)$ https://www.thewebsite.com/$1 [L,R=301,NC]
Setting up a permanent redirect is a preferred way.
RewriteCond %{HTTP_HOST} ^zzz-thewebsite.myhosting.com$ [NC]
RewriteRule ^(.*)$ https://www.thewebsite.com%{REQUEST_URI} [R=301,NC,L,QSA]
I'm having trouble getting these redirects to work under all conditions. I'm hoping I can fix it with .htaccess but there may be something mucked up with the way I'd previously tried to force redirects through my host's control panel.
Anyway, olddomain.com/whatever, with http:// or https:// and with or without www should permanently redirect to https://www.newdomain.com/whatever.
At one point I had everything except https://olddomain.com redirecting properly. Now I've broken it and I'm just getting the too many redirects error.
I believe both domains have a Let's Encrypt certificate attached to them. The old domain doesn't need to be secured if that makes a difference.
According to https://serverfault.com/a/728957, you can use this snippet to help redirect users to a https://www of the site.
RewriteEngine On
# ensure www.
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# ensure https
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Hope that helps!
I have forced a ecommerce site to be always in https, due to some issues with having only specific urls triggered as secure. I have used the following in my .htaccess
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.vshoen.com/$1 [R,L]
But now my problem is all external links without www in the url open in https as well for some reason. Most of the time its not a problem but there are a few specific links that need to simply be http://url.com instead of http://www.url.com and for in this case they are not loading as its trying to open them as https://url.com
I was hoping there would be a resolution to this, this is a wordpress site if that makes any difference.
Thanks in advance.
Try this:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,NC,L]