I've had a look through existing questions, but I haven't really come across anything which works for me.
I'm currently running a site with a Secure SSL certificate. It can be accessed at https://www.example.co.uk a problem is the site can also be accessed at http://www.example.co.uk - I don't want this to be possible. I need it to redirect from http to https.
I found this one snippet of code to use in an .htaccess file.
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.co.uk [NC]
RewriteRule ^(.*)$ https://example.co.uk/$1 [L,R=301]
This works fine when the user enters example.co.uk into their address bar, but I also need to add a conditional statement of some sort so that if the user enters 'www.example.co.uk' or 'http://www.example.co.uk'.
I've tried using the likes of [OR], but this ends up creating server errors.
Any help and suggestions is appreciated.
Cheers.
Try the following:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Also, you can also redirect based on port number, for example:
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
This will redirect all requests received on port 80 to HTTPS.
Add the following code in .htaccess file.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
change example.com with your website domain
URLs redirect tutorial can be found from here - Redirect non-www to www & HTTP to HTTPS using .htaccess file
Try this, I used it and it works fine
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Try this:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Source:
https://www.ndchost.com/wiki/apache/redirect-http-to-https
(I tried so many different blocks of code, this 3 liner worked flawlessly)
For me work ONLY this variant:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Thanks https://www.reg.ru/support/hosting-i-servery/sajty-i-domeny/kak-dobavit-redirekt/redirekt-s-http-na-https (in Russian)
I try all of above code but any code is not working for my website.then i try this code and This code is running perfect for my website. You can use the following Rule in htaccess :
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
//Redirect http to https
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
//Redirect non-www to www
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
</IfModule>
Change example.com with your domain name and sorry for my poor english.
# Switch rewrite engine off in case this was installed under HostPay.
RewriteEngine Off
SetEnv DEFAULT_PHP_VERSION 7
DirectoryIndex index.cgi index.php
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# RewriteCond %{HTTP_HOST} ^compasscommunity.co.uk\.com$ [NC]
# RewriteRule ^(.*)$ https://www.compasscommunity.co.uk/$1 [L,R=301]
To redirect http://example.com or http://www.example.com to https://www.example.com in a simple way, you can use the following Rule in htaccess :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond www.%{HTTP_HOST} ^(?:www\.)?(www\..+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R]
[Tested]
%{REQUEST_SCHEME} variable is available since apache 2.4 , this variable contains the value of requested scheme (http or https), on apache 2.4 you can use the following rule :
RewriteEngine on
RewriteCond %{REQUEST_SCHEME} ^http$
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R]
There are better and more secure ways to make sure that all your traffic goes over https. For example setting up two virtual hosts and redirecting all traffic from your http to your https host. Read more on this in this answer here on security.stackexchange.com.
With setting up a virtual host for redirecting you can send a 301 status (redirect permanently) so the browser understands that all the following requests should be sent to the https server where it was redirected to. Hence no further http requests will be made after the first redirect response.
You should also carefully check the given answers because with the wrong rewrite rules set you might loose the query params from your incoming requests.
If you want to redirect HTTP to HTTPS and want to add www with each URL, use the htaccess below
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
it will first redirect HTTP to HTTPS and then it will redirect to www.
Since this is one of the top results in the search, if you're trying to add http to https redirect on AWS beanstalk, the accepted solution will not work.
You need following code instead:
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule ^.*$ https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
Try this
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
Perfect Code Going to HTML index :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^YourNameWebsite\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.YourNameWebsite\.com$
RewriteRule ^/?$ "https\:\/\/YourNameWebsite\.com\/index\.html" [R=301,L]
Or
Perfect Code Going to PHP index :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^YourNameWebsite\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.YourNameWebsite\.com$
RewriteRule ^/?$ "https\:\/\/YourNameWebsite\.com\/index\.php" [R=301,L]
None of these worked for me, except for this. My site was hosted in https://www.asmallorange.com
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
The below code, when added to the .htaccess file, will automatically redirect any traffic destined for http: to https:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</IfModule>
If your project is in Laravel add the two lines
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
just below RewriteEngine On. Finally your .htaccess file will look like the following.
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Visite here to more information
in .htaccess file add following line to restrict http access
SSLRequireSSL
for some reason its inverted in my host
so if i want it to reditect i need to check if https is on and then redirect to https
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]
is the code i use
I have created url-masking (url-mapping) on my portal.
Same php code are running with different urls.
My portal link is http://subdomain.domain.in (main-link) and client url is http://www.client-domain.com.
I want to redirect client URL HTTP to https using my .htaccess file.
Edit from comment:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^client-domain.in [NC]
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI}/$1 [L,R=301]
RewriteCond %{HTTP_HOST} ^mydomain.in [NC]
RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI}/$1 [L,R=301]
you can use below code for the same
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
it will redirect your url http to https.
My problem is solved now.
I have added this code in .htaccess, and client's url work with HTTPS.
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www.client-domain.com [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}/$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^my-domain.in [NC]
RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI}/$1 [L,R=301]
I am having an issue with subdomain.. i have a subdomain content.domain.com
which i want to use for cookieless domain content..
but when i wrote it in website.. its automatically add full website url.. which i have added in .htaccess
can you please let me know how can i stop redirecting the subdomain ....
Please help......
here is code for htaccess for domain redicretion
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
You can combine both rules into a single rule
Using a RewriteCond you can omit a subdomain.
Have it like this:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?!content\.domain\.com)(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]
Make sure you clear your browser cache while testing this change.
I need to redirect all the pages of my website from https to http except sign-in page. I want if someone try to browse sign-in page via http, it should be redirected to https. My website is developed under drupal 7. However, I have written some condition in .htaccess but no luck. What I did as:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/sign-in
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
By the above code all the page are redirecting https to http but not getting exception for sign-in.
Keep these 2 redirect rules at top of your .htaccess:
RewriteEngine On
# redirect anything except /sign-in to http
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} !/sign-in [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
# redirect /sign-in to https
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} /sign-in [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Try to something like this
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/sign-in\.php$ [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L,QSA]
RewriteCond %{HTTPS} on
RewriteRule ^(sign-in\.php)$ http://%{HTTP_HOST}/$1 [R=301,L,QSA]
I have this code for forcing SSL on a website generally:
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Which I got from here
I would like it to only apply to a specific sub-domain.
For example, if you were to visit http://sub.domain.org it should redirect to https://sub.domain.org.
I have a hunch that I need to add another RewriteCond which basically says is the domain that is being hit is http://sub.domain.org, but I am at a loss on how to write this code.
I've been looking at other stackoverflow questions such as:
Force HTTPS and WWW for domain and only HTTPS for subdomains HTACESS
Force SSL/https using .htaccess and mod_rewrite
and the Apache docs: https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond
And I've had these attempts:
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(reports\.)?uksacb\.org$ [NC]
RewriteRule ^.*$ https://%1%{REQUEST_URI} [R,L]
Sort of reversed the answer in this question/answer:
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} =reports.uksacb.org
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
However I'm still failing to make sense of how to do it correctly.
If anyone could explain to me what I'm doing wrong, what I need to do to get it right and how does one go about debugging their rewrite conditions and rules to make sure it works properly I'd be very grateful. Sometimes I think my browser is caching the rules I've written and my different attempts are not taking any affect!
My whole .htaccess looks like this:
Options -MultiViews
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
To avoid using the domain or subdomain names I used to use the following code:
# Redirect HTTP to HTTPS
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I prefer without WWW.
%{HTTPS} Set to on if the request is served over SSL.
%{HTTP_HOST} Everything between the protocol (http:// or https://) and the request (/example-file.txt).
%{REQUEST_URI} Everything after the server address — for example, a request to http://example.com/my/example-file.txt sets this value as my/example-file.txt.
%{HTTP:X-Forwarded-Proto} The protocol used when the URL was requested — set to http or https.
I hope it can be useful for anybody.
For debugging I use a website I found https://htaccess.madewithlove.be/
Using the rules you provided
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I got an error at
RewriteCond %{HTTPS} !=on
This might work for you
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/%$1 [R,L]
Found the above example at https://www.sslshopper.com/apache-redirect-http-to-https.html