Rather than in core PHP, htaccess modification is different.
So, after some searching I have reached to the following code.
before that,
my requirements are standard in my project.
www is strictly not allowed in whole site. i.e. redirect directly to non-www version.
HTTPS is for some pages. (checkout, login page) . Strictly HTTP for other pages.
removing CodeIgniter's default index.php
Here is my code.
RewriteEngine on
#################################
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} (checkout|login)
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
#RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteCond %{REQUEST_URI} !(checkout|login|css|img|js)
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Strict to non-www version >>> Not Working
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1%{REQUEST_URI}/$1 [R=301,NE,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [L]
Issue: Not able to reach to result of non-www version of site
update(17 Oct)
# Strict to non-www version.
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteCond %{REQUEST_URI} (login|account_detail|alternate_address|update_password)
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,QSA]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteCond %{REQUEST_URI} !(login|account_detail|alternate_address|update_password|https|css|img|js|resources|images)
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L,QSA]
# force HTTPS
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} (login|account_detail|alternate_address|update_password)
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# force HTTP
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !(login|account_detail|alternate_address|update_password|https|css|img|js|resources|images)
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [L]
On this new updated code, htaccess tester site displaying everything perfectly.
But, after updating to site there are many issues.
When I open this link
https://example.com/login
It keeps looping, not stopping.
And on this link
http://www.example.com/login
it redirects to
https://login/login
It is easier to handle the no-www and toggle-protocol redirects separately. In the following example:
The www requests are redirected to no-www as-is (handle toggle-protocol redirect on next request)
The http requests for selected pages are redirected to https version
The https requests for other pages are redirected to http version
Note the leading /...(/|$) in the following examples. They ensure that complete path fragments are matched (e.g. in the third set of rules /js/main.js matches but /jsmith/profile does not).
RewriteEngine On
# Force NOWWW
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=302,L]
# Force HTTPS
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} /(login|account_detail|alternate_address|update_password)(/|$)
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
# Force HTTP
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !/(login|account_detail|alternate_address|update_password|css|img|js)(/|$)
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
# Hijack all requests
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [L]
The following tests passed:
http://www.example.com/
http://example.com/
http://www.example.com/a/b?c=3&d=4
http://example.com/a/b?c=3&d=4
http://www.example.com/login
http://example.com/login
https://example.com/login
https://www.example.com/js/javascript.js
https://example.com/js/javascript.js
http://example.com/js/javascript.js
Note: Remember to replace 302 with 301 after testing.
Related
I force http to https redirection in my .htaccess and it works just fine. But I added RewriteCond %{REQUEST_URI} !^/robots.txt$ rule, not to redirect http://example.com/robots.txt anywhere and just serve the robots.txt file.
The problem is, it does not work and http://example.com/robots.txt gets somehow redirected to http://example.com/index.php url.
My .htaccess is as following:
RewriteEngine On
# HTTPS redirect
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{REQUEST_URI} !^/robots.txt$
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [L]
RewriteRule ^(.+)$ /index.php [L,QSA]
Any suggestions? Thank you.
It redirects because last rule change REQUEST_URI to /index.php. You should be using THE_REQUEST variable in first rule as that doesn't get overwritten after application of rules.
RewriteEngine On
# HTTPS redirect
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{THE_REQUEST} !/robots\.txt [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
Also make sure to test this change in a new browser or test it after completely clearing your browser cache.
So I have recently uploaded my new website to hostgator.
I am trying to remove .php extension and add a trailing slash to all my urls.
For example
website.com/about.php should change to website.com/about/
I have the htaccess code that has worked for other websites on different hosts, but when i tried it for this website on hostgator it doesnt work.
This is the code I tried:
RewriteEngine On
RewriteBase /
## hide .php extension snippet
# To externally redirect /dir/foo.php to /dir/foo
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1/ [R,L]
# add a trailing slash
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !/$
RewriteRule . %{REQUEST_URI}/ [L,R=301]
# To internally forward /dir/foo to /dir/foo.php
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.*?)/?$ $1.php [L]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://website.co.uk/$1 [R,L]
RewriteCond %{HTTP_HOST} ^www.website.co.uk [NC]
RewriteRule ^(.*)$ http://website.co.uk/$1 [L,R=301]
Currently I now have this in my htaccess:
RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.*?)/?$ $1.php [NC,L]
# remove www and turn on https in same rule
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]
Hostgator added this htaccess for me which basically redirects http requests to https and removes http://www.website.co.uk and www.website.co.uk to website.co.uk
What can I do to remove .php extension and force trailing slash?
You can replace all the code in your site root .htaccess with this:
RewriteEngine On
# remove www and turn on https in same rule
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^(.*?)/?$ https://%1/$1/ [R=301,L,NE]
# To externally redirect /dir/file.php to /dir/file
RewriteCond %{THE_REQUEST} \s/+(.+?)\.php[\s?] [NC]
RewriteRule ^ /%1/ [R=301,NE,L]
# add a trailing slash
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !/$
RewriteRule . %{REQUEST_URI}/ [L,R=301,NE]
# To internally rewrite /dir/file to /dir/file.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteRule ^([^.]+?)/?$ $1.php [L]
Make sure to test this in a new browser or after clearing your browser cache.
For starters, depending on your hosting environment you may need to add the following to the beginning of your htaccess file:
Options -MultiViews
If MultiViews is on the server will do implicit filename matching. So if you request page/ it could interpret that as page.php. Use the option above to disable MultiViews and see if that helps.
I am using Zend framework where i have nice looking url controllers. Following .htaccess is working but its making SEO to see us as four links for one page.
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]
I need to do following fix using htaccess:
www.stackoverflow.com/nice-looking-url =
https://www.stackoverflow.com/nice-looking-url
stackoverflow.com/nice-looking-url =
https://www.stackoverflow.com/nice-looking-url
http://www.stackoverflow.com/nice-looking-url =
https://www.stackoverflow.com/nice-looking-url
http://stackoverflow.com/nice-looking-url =
https://www.stackoverflow.com/nice-looking-url
How to do it correctly using htaccess? so that above input urls are safely landing with https://www. in front always?
Have your full .htaccess like this:
RewriteEngine On
## add www and turn on https in same rule - main domain
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:www\.)?(example\.com)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]
## turn on https in same rule - sub domain
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [L]
Make sure to use a new browser to test your changes to avoid old browser cache.
I installed basic Yii2 application and want to force all connections to use HTTPS instead of HTTP. Here my .htaccess:
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,NE,R=301]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteRule (.+)/$ /$1 [L,R=301]
RewriteCond %{THE_REQUEST} ^.*/index\.php
RewriteRule ^(.*)index.php$ /$1 [R=301,L]
RewriteCond %{THE_REQUEST} ^.*/index\.html
RewriteRule ^(.*)index.html /$1 [R=301,L]
RewriteCond %{THE_REQUEST} ^.*/main\.html
RewriteRule ^(.*)main.html /$1 [R=301,L]
# If a directory or a file exists, use the request directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Otherwise forward the request to index.php
RewriteRule . index.php
And in web/index.php I'm adding
$_SERVER['HTTPS']='on';
When I open site I see an error "too many redirects". I check chrome network inspector and I see that from https://example.org I'm redirecting to https://example.org and so get into the cycle
I used following code to redirect http to https in .htaccess file
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example/$1 [R=301,L]
It redirects all request on port 80 to https.
I've read many articles and cannot seem to get ALL of the combined .htaccess Rewrites to work together. I either get re-direct loops or one or a few do not work at all.
To be clear I'm looking for the following 5 to occur if needed:
Ensure www on all URLs
Ensure HTTPS for all version of site
Remove index.php from url
Remove all .php extension / Re-direct to url without .php extension
Could be in tandem with the previous: add trailing slash
Some examples:
example.com/index.php => https://www.example.com/
www.example.com/info/really-good-info.php => https://www.example.com/info/really-good-info/
www.example.com/about-us.php => https://www.example.com/about-us/
www.example.com/careers/index.php => https://www.example.com/careers/
Here is current .htaccess setup:
<IfModule mod_rewrite.c>
Options +SymLinksIfOwnerMatch
RewriteEngine On
RewriteBase /
# Remove all .php extensions without interfering with .js or .css.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)\.(?!js|css)([^.]*)$ $1\.php
# Remove index from url.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index?$1 [L,QSA]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s(.*)/index\.php [NC]
RewriteRule ^ %1 [R=301,L]
# Ensure www on all URLs.
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
# Ensure we are using HTTPS version of the site.
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Ensure all URLs have a trailing slash.
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ https://www.example.com/$1/ [L,R=301]
</IfModule>
The above .htaccess is ONLY in my root folder and currently does 3 out of the 5 needed: changes to HTTPS, adds www and removes index.php. It does not remove any other .php files extension nor does it add trailing slash.
I see 2 issues:
Redirect rules appearing after rewrite ones
Adding .php should only happen after you ensure corresponding .php file exists.
Have it this way:
Options +SymLinksIfOwnerMatch
RewriteEngine On
RewriteBase /
# Ensure www on all URLs.
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [L,R=302]
# Ensure we are using HTTPS version of the site.
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
RewriteCond %{THE_REQUEST} \s/*(.*?)/index\.php [NC]
RewriteRule ^ %1/ [R=302,L]
RewriteCond %{THE_REQUEST} \s/+(.+?)\.php[\s?] [NC]
RewriteRule ^ /%1/ [R=302,L]
# Ensure all URLs have a trailing slash.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^[^.]*?[^/.]$ %{REQUEST_URI}/ [L,R=302]
# Remove all .php extensions without interfering with .js or .css.
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^([^.]+?)/?$ $1.php [L]
# Remove index from url.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^.]+?)/?$ index.php?$1 [L,QSA]
Make sure to clear your browser cache before testing this.
Try this to avoid the loop:
#non-www. http to www. https
RewriteCond %{ENV:HTTPS} !on
RewriteCond %{HTTP_HOST} ^(www\.)?yourdomain\.com$
RewriteRule (.*) https://www.yourdomain.com/$1 [R=301,L]
#non-www. https to www. https
RewriteCond %{ENV:HTTPS} on
RewriteCond %{HTTP_HOST} ^yourdomain\.com$
RewriteRule (.*) https://www.yourdomain.com/$1 [R=301,L]
RewriteCond %{THE_REQUEST} \s/*(.*?)/index\.php [NC]
RewriteRule ^ %1/ [R=302,L]
RewriteCond %{THE_REQUEST} \s/+(.+?)\.php[\s?] [NC]
RewriteRule ^ /%1/ [R=302,L]
# Ensure all URLs have a trailing slash.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^[^.]*?[^/.]$ %{REQUEST_URI}/ [L,R=302]
# Remove all .php extensions without interfering with .js or .css.
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^([^.]+?)/?$ $1.php [L]
# Remove index from url.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^.]+?)/?$ index.php?$1 [L,QSA]