I recently changed the site to HTTPS, and before the site was using both non-www and www url version..
Now I changed the site to HTTPS and forced redirect from non-www to www...
everything works fine for the old http+www urls for example:
old url
http://www.example.com/about-us.html
new url
https://www.example.com/about-us.html
in this case the old url will fully redirect to the new one, no problem
but as soon as the old url is NON-WWW it redirects to HTTPS but to the index.php page not the full path.. for example
old url
http://example.com/about-us.html OR https://example.com/about-us.html
the redirected url for this will be
https://www.example.com/ INSTEAD OF **https://www.example.com/about-us.html**
Here is my htaccess I wrote, I can't think of anything else more.. can somebody please help. Thanks
php_flag eaccelerator.enable 1
php_flag eaccelerator.optimizer 1
Options +FollowSymLinks
RewriteEngine On
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
# RewriteBase /
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTPS:Authorization}]
RewriteCond %{HTTP_HOST} ^ip29\.216-86-153\.static\.steadfast\.net$ [NC]
RewriteRule ^(.*)$ https://www.example.com$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^216\.86\.153\.29
RewriteRule ^(.*)$ https://www.example.com$1 [R=301,L]
RewriteRule ^alcatel-7404.html(.*)$ https://www.example.com/alcatel-lucent/alcatel-7404.html$1 [r=301,nc]
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
RewriteCond %{HTTPS} OFF
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Hope someone can help PLEASE. Thanks
To redirect http to https://www, you can use
RewriteCond %{HTTPS} OFF [NC]
RewriteCond www.%{HTTP_HOST} ^(?:www\.)?(www\..+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [NE,L,R]
Related
I want to redirect my website with https and www. I want to remove the tailing shash from the url and force to redirect with https and need to redirect with www.test.com if given test.com .
http://www.test.com -> https://www.test.com
http://test.com -> https://www.test.com
http://test.com/ -> https://www.test.com
I have tried as
#Trailing Slash Removal
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTPS}s on(s)|offs()
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
RewriteCond %{HTTP_HOST} ^test.com [NC]
RewriteRule ^(.*)$ https://www.test.com/$1 [L,R=301]
</IfModule>
now getting redirect with http://test.com to https://www.test.com properly but https://test.com will through error as This site can’t provide a secure connection how to get it redirect
There are multiple ways like below.
Redirecting HTTP to HTTPS
1. Redirect All Web Traffic
If you have existing code in your .htaccess, add the following:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
2. Redirect Only a Specific Domain
For redirecting a specific domain to use HTTPS, add the following:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
3. Redirect Only a Specific Folder
Redirecting to HTTPS on a specific folder, add the following:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://www.yourdomain.com/folder/$1 [R,L]
You can do both http -> https and non-www to www in a single rule without hardcoding your domain name.
Use this rule in your site root ,htaccess or in Apache config:
RewriteEngine On
# add www and turn on https in same rule
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]
Make sure this is your top most rule and remove all other rules handling http->https and www.
I tried to modify my .htaccess file for SEO and do not seem to understand how I can prevent web crawlers to grab double content from my website. Because it seems like Google is indexing my website in two manners:
https://www.example.com/ AND
https://www.example.com/index.php
This is the .htaccess-Code
RewriteEngine On
DirectoryIndex index.php
RewriteBase /
# remove .php; use THE_REQUEST to prevent infinite loops
RewriteCond %{HTTP_HOST} ^www\.get-to-med\.com
RewriteCond %{THE_REQUEST} ^GET\ (.*)\.php\ HTTP
RewriteRule (.*)\.php$ $1 [R=301]
# remove index
RewriteRule (.*)index$ $1 [R=301]
# remove slash if not directory
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} /$
RewriteRule (.*)/ $1 [R=301]
# add .php to access file, but don't redirect
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteCond %{REQUEST_URI} !/$
RewriteRule (.*) $1\.php [L]
RewriteCond %{HTTP_HOST} ^get-to-med.com
RewriteRule (.*) https://www.get-to-med.com/$1 [R=301,L]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
ErrorDocument 404 /diese-seite-existiert-nicht.php
Instead of messing with the .htaccess file endlessly, why not add a canonical tag in the index.php file to the desired version of the page:
<link rel="canonical" href="https://www.example.com/" />
Any search engines following the canonical rule will act accordingly.
As for the .htaccess issue, you've got DirectoryIndex index.php in there so that probably has something to do with it (any time the / directory is requested, the index.php file will be returned; may be stored by Google as such).
I want to redirect all pages on my site (including index) to UnderWork.html
and I'm doing this using .htaccess with this code:
RewriteEngine on
RewriteRule ^(.*)$ UnderWork.html
...and its works fine.
Now I am adding some more code to my .htaccess to redirect all traffic to the non-www domain and now my code looks like this:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.domain\.in
RewriteRule ^(.*)$ http://domain.in$1 [R=permanent,L]
RewriteRule ^(.*)$ UnderWork.html
Here is where I have a problem. If I enter a URL like: domain.in/xyz then it works as before, but if I use a URL like: www.domain.in/xyz then Apache converts it to coincart.inxyz/.
What am I doing wrong here? How can I get what i want? Thanks in advance.
Below are rules that work for me:
RewriteEngine On
# Adding trailing slash for directory requests.
RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_URI} !^/www$
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.+[^/])$ http://example.com/$1/ [R=permanent]
# External redirection from www subdomain to non-www domain.
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^/?(.*) http://example.com/$1 [L,R=permanent]
# Internal redirection to index.php for nonexistent URLs.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !\.(jpg|jpeg|png|gif)$
RewriteRule . /index.php [L,QSA]
To show a custom page when a directory root (domain root in particular) is requested, use the Apache's DirectoryIndex directive:
DirectoryIndex UnderWork.html
Rather than in core PHP, htaccess modification is different.
So, after some searching I have reached to the following code.
before that,
my requirements are standard in my project.
www is strictly not allowed in whole site. i.e. redirect directly to non-www version.
HTTPS is for some pages. (checkout, login page) . Strictly HTTP for other pages.
removing CodeIgniter's default index.php
Here is my code.
RewriteEngine on
#################################
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} (checkout|login)
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
#RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteCond %{REQUEST_URI} !(checkout|login|css|img|js)
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Strict to non-www version >>> Not Working
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1%{REQUEST_URI}/$1 [R=301,NE,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [L]
Issue: Not able to reach to result of non-www version of site
update(17 Oct)
# Strict to non-www version.
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteCond %{REQUEST_URI} (login|account_detail|alternate_address|update_password)
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,QSA]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteCond %{REQUEST_URI} !(login|account_detail|alternate_address|update_password|https|css|img|js|resources|images)
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L,QSA]
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} (login|account_detail|alternate_address|update_password)
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !(login|account_detail|alternate_address|update_password|https|css|img|js|resources|images)
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [L]
On this new updated code, htaccess tester site displaying everything perfectly.
But, after updating to site there are many issues.
When I open this link
https://example.com/login
It keeps looping, not stopping.
And on this link
http://www.example.com/login
it redirects to
https://login/login
It is easier to handle the no-www and toggle-protocol redirects separately. In the following example:
The www requests are redirected to no-www as-is (handle toggle-protocol redirect on next request)
The http requests for selected pages are redirected to https version
The https requests for other pages are redirected to http version
Note the leading /...(/|$) in the following examples. They ensure that complete path fragments are matched (e.g. in the third set of rules /js/main.js matches but /jsmith/profile does not).
RewriteEngine On
# Force NOWWW
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=302,L]
# Force HTTPS
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} /(login|account_detail|alternate_address|update_password)(/|$)
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
# Force HTTP
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !/(login|account_detail|alternate_address|update_password|css|img|js)(/|$)
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
# Hijack all requests
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [L]
The following tests passed:
http://www.example.com/
http://example.com/
http://www.example.com/a/b?c=3&d=4
http://example.com/a/b?c=3&d=4
http://www.example.com/login
http://example.com/login
https://example.com/login
https://www.example.com/js/javascript.js
https://example.com/js/javascript.js
http://example.com/js/javascript.js
Note: Remember to replace 302 with 301 after testing.
I write a lot of RewriteRule in my .htaccess file , but problem occurs when I switch from https to http pages; it does not follow these rules
NOTE : everything working fine on localhost , issues are on server <---- UPDATE
Here is my website , currently all links display as per RewriteRule*
for e.g. about us page link display as
http://www.mywebsite.com/about
BUT
if I am at login page ( which is on https ) and click on about us page then it turns into below.
http://www.mywebsite.com/about?slug=about_us
or if I click on any category on left panel then it comes as
http://www.mywebsite.com/auction/category/1?cid=1
Note : even mouse hovering on pages display rewrite link
below is .htaccess file with needed information.
IndexIgnore *
RewriteEngine on
Options +FollowSymLinks
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^auction/category/([0-9]+)/?$ bids.php?cid=$1 [NC]
RewriteRule ^login/?$ login.php [NC]
RewriteRule ^register/?$ register.php [NC]
RewriteRule ^logout/?$ logout.php [NC]
# static pages
RewriteRule ^about/?$ page.php?slug=about_us [NC]
# Rewrite to https
RewriteCond %{SERVER_PORT} !^443$ [OR]
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} /login [OR]
RewriteCond %{REQUEST_URI} /do_login.php
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,NC,L,QSA]
# don't do anything for images/css/js (leave protocol as is)
RewriteRule \.(gif|jpe?g|png|ico|css|js)$ - [NC,L]
# traffic to http:// except some pages
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !(/login|/do_login.php)
RewriteRule ^(.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,NC,L,QSA]
Note : Here is complete .htaccess file
Please tell me where I am wrong/missing ?
I Also have few more confusion
If i change the case of rewrite URL ( Login or lOgin or logiN ) then it gives error?
Is it good practice to write [NC,L] with all RewriteRule?
Exactly when I should write [QSA] ?
UPDATE
After suggestions from all answers, changing in RewriteRule almost fixed all issue but now there is one last issue.
/login URL always changed into /login.php.
below is my updated .htaccess
IndexIgnore *
Options -MultiViews
Options +FollowSymLinks
#mod_rewrite
RewriteEngine on
RewriteBase /
# Rewrite www to non www
RewriteCond %{HTTP_HOST} ^www.%{HTTP_HOST} [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
# minimize the css on all http:// pages
<IfModule mod_rewrite.c>
RewriteCond %{HTTPS} off
RewriteRule ^(.*).css$ /csszip.php?file=$1.css [L]
</IfModule>
#switch over http to https
# Rewrite to https
RewriteCond %{SERVER_PORT} !^443$ [OR]
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (/login|/do_login)\.php [NC]
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# don't do anything for images/css/js (leave protocol as is)
RewriteRule \.(gif|jpe?g|png|ico|css|js)$ - [NC,L]
# traffic to http:// except some pages
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !(/login|/do_login)\.php [NC]
RewriteRule ^(.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^login/?$ login.php [NC]
RewriteRule ^register/?$ register.php [NC]
# ...many other rules...with [NC] falg
RewriteRule ^auction/category/([^/.]+)/?$ bids.php?cid=$1 [NC]
RewriteRule ^about/?$ page.php?slug=about_us [NC]
# ...many more rules.... with [NC] flag
HTTPS suggestion
For your HTTPS issue I would match on port or HTTPS as there are known apache problems relating to the HTTPS tag.
To cover this match on both (as shown in your edited answer)
RewriteCond %{SERVER_PORT} !^443$ [OR]
RewriteCond %{HTTPS} != on
##REWRITE RULE
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTPS} = on
##REWRITE RULE
A valid point is also that %{REQUEST_URI} isn't affected by any substitutions.
The way you are using it at the moment, if any rule matches you will send them to the original url (before any substitution started).
If you want to take the url after and substition and matching use $1
Answers to your further questions:
If I change the case of rewrite URL then it gives error?
This is because your [NC] isn't on the rewrite cond for the HTTPS section of your .htaccess
You match RewriteCond %{REQUEST_URI} /login [OR] this is only looking for lower case login, if you want to accept uppercase login append NC.
Is it good practice to write [NC,L] with all RewriteRule?
No, it depends what you want to do [NC] says don't match case on this rule, if you don't want to match case on that rule (or condition) then add it.
Not matching the case with [NC] means site.com/login.php = sYte.cOm/LoGin.PHP
[L] means if this is true, stop processing everything
Exactly when I should write [QSA] ?
QSA applies when you have a ? in your substitution and you want to append toe old string to the new URL
Consider the following rule:
RewriteRule /pages/(.+) /page.php?page=$1 [QSA]
With the [QSA] flag, a request for /pages/123?one=two will be mapped to /page.php?page=123&one=two. Without the [QSA] flag, that same request will be mapped to /page.php?page=123 - that is, the existing query string will be discarded.
Do use QSA if you want to keep any additional get arguments.
Another further question
/login URL always changed into /login.php
The only way for this to happen is if you have a redirect [R=301] somewhere in your code, the only place I can see that is this section:
# Rewrite to https
RewriteCond %{SERVER_PORT} !^443$ [OR]
RewriteCond %{HTTPS} != on
RewriteCond %{REQUEST_URI} (/login|/do_login)\.php [NC]
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Where this will only match the following URL's
.php, /login.php, /do_login.php
I believe the culprit is as I outlined in the first response with %{REQUEST_URI}
Your code essentially says, if these conditions are met, send them to https://theurltheywentto, which is not what you want to do, you want to send them to /login.
Have you tried using (as mentioned in my https section)
RewriteRule ^(.*) https://%{HTTP_HOST}/login [R=301,L]
Or perhaps (if you have /do_login) and other options
RewriteRule ^(.*).php https://%{HTTP_HOST}/$1 [R=301,L]
Where test.com/do_login.php will become https://test.com/do_login
How about you try:
# Rewrite to https
RewriteCond %{REQUEST_URI} (/login|/do_login)\.php [NC]
RewriteCond %{HTTPS} != on
RewriteRule ^(.*)\.php https://%{HTTP_HOST}/$1 [R=301,L]
I think this might be of your help
.htaccess redirect https to http not working
and for last question this might be of your help
http://httpd.apache.org/docs/current/rewrite/flags.html and
http://www.addedbytes.com/download/mod_rewrite-cheat-sheet-v2/png/
EDIT:
You can try using
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{SERVER_PORT} !^443$
instead of
RewriteCond %{HTTPS} on [NC]
RewriteCond %{HTTPS} off [NC]
For detail
Please see this link, someone had similar problem. Please see second reply of the post
http://www.webmasterworld.com/apache/3228459.htm
you can solve this by creating the domain alias
You can't do it within .htaccess, but within a http.conf <VirtualHost> section you can use the ServerName and ServerAlias directives to accomplish this.
Your confusion over /about is due to redirecting to %{REQUEST_URI}, which isn't changed as you make substitutions. Capture the URI and use $1 if you don't really want the URI as it started uring this round of rewrite processing.