I've had a look through existing questions, but I haven't really come across anything which works for me.
I'm currently running a site with a Secure SSL certificate. It can be accessed at https://www.example.co.uk a problem is the site can also be accessed at http://www.example.co.uk - I don't want this to be possible. I need it to redirect from http to https.
I found this one snippet of code to use in an .htaccess file.
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.co.uk [NC]
RewriteRule ^(.*)$ https://example.co.uk/$1 [L,R=301]
This works fine when the user enters example.co.uk into their address bar, but I also need to add a conditional statement of some sort so that if the user enters 'www.example.co.uk' or 'http://www.example.co.uk'.
I've tried using the likes of [OR], but this ends up creating server errors.
Any help and suggestions is appreciated.
Cheers.
Try the following:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Also, you can also redirect based on port number, for example:
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
This will redirect all requests received on port 80 to HTTPS.
Add the following code in .htaccess file.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
change example.com with your website domain
URLs redirect tutorial can be found from here - Redirect non-www to www & HTTP to HTTPS using .htaccess file
Try this, I used it and it works fine
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Try this:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Source:
https://www.ndchost.com/wiki/apache/redirect-http-to-https
(I tried so many different blocks of code, this 3 liner worked flawlessly)
For me work ONLY this variant:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Thanks https://www.reg.ru/support/hosting-i-servery/sajty-i-domeny/kak-dobavit-redirekt/redirekt-s-http-na-https (in Russian)
I try all of above code but any code is not working for my website.then i try this code and This code is running perfect for my website. You can use the following Rule in htaccess :
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
//Redirect http to https
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
//Redirect non-www to www
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
</IfModule>
Change example.com with your domain name and sorry for my poor english.
# Switch rewrite engine off in case this was installed under HostPay.
RewriteEngine Off
SetEnv DEFAULT_PHP_VERSION 7
DirectoryIndex index.cgi index.php
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# RewriteCond %{HTTP_HOST} ^compasscommunity.co.uk\.com$ [NC]
# RewriteRule ^(.*)$ https://www.compasscommunity.co.uk/$1 [L,R=301]
To redirect http://example.com or http://www.example.com to https://www.example.com in a simple way, you can use the following Rule in htaccess :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond www.%{HTTP_HOST} ^(?:www\.)?(www\..+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R]
[Tested]
%{REQUEST_SCHEME} variable is available since apache 2.4 , this variable contains the value of requested scheme (http or https), on apache 2.4 you can use the following rule :
RewriteEngine on
RewriteCond %{REQUEST_SCHEME} ^http$
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R]
There are better and more secure ways to make sure that all your traffic goes over https. For example setting up two virtual hosts and redirecting all traffic from your http to your https host. Read more on this in this answer here on security.stackexchange.com.
With setting up a virtual host for redirecting you can send a 301 status (redirect permanently) so the browser understands that all the following requests should be sent to the https server where it was redirected to. Hence no further http requests will be made after the first redirect response.
You should also carefully check the given answers because with the wrong rewrite rules set you might loose the query params from your incoming requests.
If you want to redirect HTTP to HTTPS and want to add www with each URL, use the htaccess below
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
it will first redirect HTTP to HTTPS and then it will redirect to www.
Since this is one of the top results in the search, if you're trying to add http to https redirect on AWS beanstalk, the accepted solution will not work.
You need following code instead:
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule ^.*$ https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
Try this
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
Perfect Code Going to HTML index :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^YourNameWebsite\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.YourNameWebsite\.com$
RewriteRule ^/?$ "https\:\/\/YourNameWebsite\.com\/index\.html" [R=301,L]
Or
Perfect Code Going to PHP index :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^YourNameWebsite\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.YourNameWebsite\.com$
RewriteRule ^/?$ "https\:\/\/YourNameWebsite\.com\/index\.php" [R=301,L]
None of these worked for me, except for this. My site was hosted in https://www.asmallorange.com
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
The below code, when added to the .htaccess file, will automatically redirect any traffic destined for http: to https:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</IfModule>
If your project is in Laravel add the two lines
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
just below RewriteEngine On. Finally your .htaccess file will look like the following.
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Visite here to more information
in .htaccess file add following line to restrict http access
SSLRequireSSL
for some reason its inverted in my host
so if i want it to reditect i need to check if https is on and then redirect to https
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]
is the code i use
I have Installed SSL on my server.
So request are https by default.
But when I enter Url http://example.com/abc/a it redirects to
https://example.com it should be go to (https://example.com/abc/a).
And when I tried with exact secure Url https://example.com/abc/a it
redirects to same.
I want to solve my first case.
You need to add following code at top of your .htaccess file, if you are using Magento
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
You have not shown what you have in your .htaccess file but I use the following to redirect all standard http traffic to https.
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [R,L]
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
i use mod_rewrite to allow "friendly URLS" to replace search parameters, which works fine.
However i need to now redirect all traffic to https:// but allow only some pages to remain on http://
(i need to do this so my referrals are collected by the sites i send traffic to)
Over the years i have added to the .htaccess file, most works OK but i dont fully understand it, so it may be getting messy too :-(
i have the below (i have cut out anything i dont think is relevant)
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
</IfModule>
<IfModule mod_rewrite.c>
RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
</IfModule>
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^profile/([A-Za-z0-9'/-]+)-([0-9]+)$ profile.php?id=$2 [NC,L,QSA]
# NOTE: this allows for profile.php?id=123 to be replaced with /profile/name-123
# redirects any http:// traffic to https://
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
The above works OK, but redirect ALL pages to https
I have tried adding /changing the https redirect part to the below to allow urlout.php not to be redirected, but this just loops and i get a browser warning that the page has too many redirects :-(
# redirects any http:// traffic to https://
RewriteCond %{HTTPS} !on
RewriteCond ${REQUEST_URI} !^/urlout\.php
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I have tried a few other things too, but they either dont redirect and everything goes to https, or i get a loop error or internal 500 error...
Basically i want all pages to go to https, but not urlout.php
Any advice on any of the code above would me much appreciated!
Answering my own questions:
i managed to do this, was a silly mistake of me not adding [NC] after the first condition...
However, for others, the below code will redirect ALL to https:// from http:// with the exception of 1 page (urlout.php in my case)
# redirects any http:// traffic to https:// with exception of urlout.php
RewriteCond %{HTTPS} off [NC]
RewriteCond %{REQUEST_URI} !^/urlout\.php [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I needed to do this, so that sites i send traffic to can see my domain as the "HTTP referrer".
I however found a simpler way to pass the referrer from https to http (although browser specific!) of adding to the HTML head:
<meta name="referrer" content="origin">
My ref for this was (among others): moz.com's Meta Referrer Tag Blog Post
If you want to redirect some spacific pages to https, forexample, To redirect :
http://www.example.com/page.html
to
https://www.example.com/page.html
And
http://www.example.com/page2.html
to
- https://www.example.com/page2.html
You may try the following :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(page|page2)\.html$ https://www.example.com/$1.html [L,R]
If you want to redirect the whole site from http to https, you can use the following :
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [NC,L,R]
RewriteCond %{HTTPS} off is important to avoid redirect loop as it skips the rule for https requests.
I've tried implementing a number of suggested solutions to this problem but can't get anything to work.
I am using 2 .htaccess files, one in my root directory which reads as follows:
RewriteEngine on
RewriteBase /
RewriteRule ^(webservice|api) - [L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.domain.com%{REQUEST_URI} [R=301,L]
This redirects all traffic to the main website through https which I need.
However in a subdirectory I want to disable the reroute and force all requests that go to this directory through http. The .htaccess file in /webservice/rest/ reads:
RewriteEngine On
RewriteBase /webservice/rest/
RewriteCond %{HTTPS} on
RewriteRule (.*) http://www.domain.com/webservice/rest/%{REQUEST_URI} [R=301,L]
RewriteRule ^testingPost/?$ testingPost.php [NC]
RewriteRule ^([a-zA-Z0-9\_\-]+)/?(\?([a-zA-Z0-9\_\-\=\?\&]))?$ otherfiledirect.php?method=$1¶ms=$2 [NC]
There are a few redirects taking place, but the 3rd and 4th line in the 2nd htaccess don't seem to be doing anything - can anyone see what I'm doing wrong and how to keep https on the main site but force http on any url below /webservice/rest/ ??
Cheers
The problem was with the ssl config file in the server. Allow Override needed to be set to All under the secure virtual host at port 443. After changing that, the following code in the root htaccess file allowed me to force https across the whole website except a specific folder:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !/webservice [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
So any request to http would go to https. However I still needed to explicitly change requests to https on my specified folder to redirect to http, so added the following code after the above:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} /webservice [NC]
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Bullet proof.
Try this in /webservice/rest/.htaccess and make sure to test in a new browser:
RewriteEngine On
RewriteBase /webservice/rest/
RewriteCond %{HTTPS} on
RewriteRule ^ http://www.domain.com/%{REQUEST_URI} [R=301,L,NE]
RewriteRule ^testingPost/?$ testingPost.php [L,NC]
RewriteRule ^([\w-]+)/?(\?([\w-=?&]))?$ otherfiledirect.php?method=$1¶ms=$2 [L,NC]
In my website mycreditstatus.co.za, I use .htaccess to rewrite and redirect a URL from http to https and here's the code I use for the .htaccess in the public_html (http) directory:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
It works just fine but it rewrites and redirects all http urls into https.
The problem is that my website also performs some requests to non-https sites so I don't want to rewrite and redirect some of the links to https.
Here's one of the links that I don't want to redirect/rewrite:
http://imupost.co.za/
I want to know the code that I should write for the .htaccess on the public_ssl (https) directory since the request will be coming from there.
Try this code :
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^imupost.co.za$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301]
Have this code in .htaccess under your public_html dir:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^imupost\.co\.za$ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
And have this code in .htaccess under your public_ssl dir:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^imupost\.co\.za$ [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]