• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 522
  • Last Modified:

.htacess redirect non SSL to SSL & non www. to www.

Hi Experts

I'd like to redirect all non https requests to https, and at the same time redirect any requests for domain.com to www.domain.com. i.e

http://domain.com gets redirected to https://www.domain.com
http://www.domain.com gets redirected to https://www.domain.com
http://domain.com/html/some_page.html  gets redirected to https://www.domain.com/html/some_page.html
etc
0
PaliTree
Asked:
PaliTree
  • 9
  • 9
1 Solution
 
xtermCommented:
For non-HTTPS to https, you can do it with a .htaccess rewrite rule, this covers both cases #2 and #3 that you listed:

    RewriteEngine On
    RewriteRule ^/(.*)         https://www.mysite.com/$1 [L,R]

For case #1, simply add a CNAME to the DNS zone for your domain - do you have access to that?  If so, do:

   @   IN CNAME  www.domain.com

(or you can do @  IN A <ip of your web server)

Then what will happen is that anybody who types in http://domain.com/ will be taken to http//www.domain.com/ and then they will be rewritten via the htaccess above to https://www.domain.com/

Let me know if you need clarification on any of it.
0
 
PaliTreeAuthor Commented:
Are you sure that can be done? I saw this for example:

"You cannot cname your base domain name. You must use an A record.
While they may allow you to add that record, it's nonsensical to do so, and resolvers will not be able to do anything useful with it.
You have to do it the other way around - use a cname record for "www" to point it to the base name. Use an A record for the base name.
But I find it easier (and it's ever so slightly faster for users) to simply use an A record for both the base name and www. "

The latter is what I have always done too (although I know you can CNAME the www tp point to the base name). But as my SSL certificate references "www.domain", I want to redirect from base name to www.domain.
0
 
xtermCommented:
Yes, ISC BIND will gripe about using a CNAME from base name to www name, but it will still work if you choose to do it that way.  That being said, that is why I presented the alternative which is to do a base name A record to the IP of the server.

The only problem with that is that if you put a ServerAlias on the www.domain.com VirtualHost for domain.com, then the URL string won't change for client.

However, if that is a problem for you, you can always create a content-less VirtualHost on the server for domain.com, and then just put a single .htaccess in the root which contains the identical rewrite that I gave you previously.

There's a lot of ways to skin this cat :)
0
Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

 
PaliTreeAuthor Commented:
Sorry xterm - I have problems with your proposed solutions.

1) I may be wrong, but your suggestion for .htaccess looks less than ideal. If the request is for https://domain.com that will needlessly redirect to the same URL? If so, I don't like that.

2) I have asked for a .htaccess solution. If there was a simple DNS solution, then OK I'm open to that. But I'm not happy with something that "will still work" even though not technically correct. And I certainly don't want to create a content-less virtual host.
0
 
xtermCommented:
[in httpd.conf]
NameVirtualHost 1.1.1.1

<VirtualHost 1.1.1.1:80>
  ServerName www.yourdomain.com
  ServerAlias yourdomain.com
  RewriteEngine On
  RewriteRule ^/(.*)         https://www.mysite.com/$1 [L,R]
<VirtualHost>

Now:
1)  https://domain.com/ is untouched
2)  http://domain.com gets redirected to https://www.domain.com
3) http://www.domain.com gets redirected to https://www.domain.com
4) http://domain.com/html/some_page.html  gets redirected to https://www.domain.com/html/some_page.html

This way doesn't even need the .htaccess file, the rewrite goes into httpd.conf so you don't need to create an empty folder for the site.
Also, you can leave DNS with the base name record = "@ IN A 1.1.1.1" and not mess with a CNAME
I believe this addresses everything you want.
0
 
PaliTreeAuthor Commented:
But I want to use a .htacess file! I don't want to mess with the <virtualhost> definitions.
0
 
xtermCommented:
Okay, then just put that RewriteRule into .htaccess in the root of your site exactly as it appears above.

You will still need to do one of the following:
1)  Put a ServerAlias in your Apache config to tell www.yourdomain.com to answer requests for yourdomain.com
or
2) Create a separate host for yourdomain.com, with it's own .htaccess file (which you said you didn't want to do)

I'm not really sure what else I can tell you - you have all you need to make this happen.
0
 
PaliTreeAuthor Commented:
OK..

I have this partly working now -  base name to www.name

RewriteEngine On
RewriteCond %{HTTP_HOST} !^(.*)\.domain\.com$ [NC]
RewriteRule ^(.*)$ https://www.domain.com/$1 [R=301,L]

But whilst this seems to work fine like this:
https://domain.com/index.html >> https://www.domain.com/index.html

It does not seem to work for CGI scripts:
https://domain.com/cgi-bin/test.cgi does not go  https://www.domain.com/cgi-bin/test.cgi

I wonder why not?
0
 
xtermCommented:
You have an extra "$" sign in your ruleset after the search pattern.

It should be:
RewriteRule ^/(.*)         https://www.mysite.com/$1 [R=301,L]

You have:
RewriteRule ^(.*)$ https://www.domain.com/$1 [R=301,L]

See if that fixes it?
0
 
PaliTreeAuthor Commented:
That seems to make no difference.

But then I thought - if the .htaccess is in the document root, a request for domain/cgi-bin may not get intercepted. So I tried putting the .htaccess in both the virtual server top-level directory and in the cgi-bin directory. But in either of those locations it doesn't work at all. (Whereas at least in the document root it does redirect https://domain to https://www.domain).
0
 
xtermCommented:
I just tested this and the verbatim rule below that I gave you right from the start works perfectly in every directory from the top one, all the way down.  Please comment out your RewriteCond rule, and clone my line and try again
RewriteEngine On
RewriteRule ^(.*) https://www.mysite.com/$1 [L,R]

Open in new window

0
 
PaliTreeAuthor Commented:
With this rule - does a request for "https://www.domain.com/index.html" get re-written to "https://www.domain.com/index.html"? (i.e. needlessly)

If so - I don't want it (as I have said earlier).
0
 
xtermCommented:
This should be in the DocumentRoot of your plain text site, which will redirect them to the SSL site.  If they go to the SSL site to start with, there will be no needless redirection.

Are both your plain and encrypted sites sharing one DocumentRoot?
0
 
xtermCommented:
If so, simply do this instead, and then you won't redirect anybody who is already using SSL
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://www.mysite.com/$1 [L,R]

Open in new window

0
 
PaliTreeAuthor Commented:
Thanks - but I'm still  having problems.

I am now using separate directories for regular & ssl HTML. So I have this:
server root:
   /cgi-bin
   /public_html
   /publics_html

Now I CAN put .htaccess in. say, publics_html and it will redirect https://domain/index.html to https://www.domain/index.html. But it will NOT redirect https://domain/cgi-bin/test.cgi to https://www.domain/cgi-bin/test.cgi (and that applies to all your .htaccess solutions as well as the ones I have used).

Well that's not surprising as the .htaccess file is not in the path of the request.

But if I put the .htaccess file in the site root - it never has any effect at all. And I think that is the crux of the problem I have. And that includes your suggestion of:

RewriteEngine On
RewriteRule ^(.*) https://www.buddydata.com/$1 [L,R]

(Which I wouldn't want as a permanent solution in the site root in any case)
0
 
xtermCommented:
The reason it won't work by putting a .htaccess file in the parent directory of cgi-bin, public_html and publics_html is that directory is NOT the site root.  It may be the Apache installation root, but Apache does not even look into that parent directory.  It only looks in your defined DocumentRoot directories (and honors everything below them with the exception being that lower-level .htaccess files can override higher ones if necessary and permitted)

So, you will need a .htaccess file in publics_html because that is the site root of your SSL site.

Since cgi-bin is a "special" directory, it has .htaccess turned off by default most likely, see httpd.conf:

#
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

You have two options to handle redirects for that directory.  You can change the line above to:

  AllowOverride FileInfo

And then just drop your .htaccess file directly into /cgi-bin

Or, you can actually put a new RewriteRule directly into httpd.conf:

   RewriteEngine On
   RewriteCond %{HTTPS} off
   RewriteRule ^/cgi-bin/(.*) https://www.mysite.com/cgi-bin/$1 [L,R]
0
 
PaliTreeAuthor Commented:
Ah yes - that should do it: "AllowOverride FileInfo"

Thanks.
0
 
PaliTreeAuthor Commented:
Done
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 9
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now