Improve company productivity with a Business Account.Sign Up

x
?
Solved

force https on all http pages in .htaccess file

Posted on 2012-04-11
11
Medium Priority
?
1,008 Views
Last Modified: 2012-04-11
I have the following code in my wordpress .htaccess file:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /dev/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /dev/index.php [L]
</IfModule>

# END WordPress

However, I need to force all of these pages to be over https.  What lines do I add?  So if a user does navigate to any page on my site over port 80, it should automatically serve up that same page but over 443.

Any ideas experts?
0
Comment
Question by:COwebmaster
11 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37833536
In case you wish to force HTTPS for a particular folder you can use:

RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} somefolder RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]


http://stackoverflow.com/questions/1108706/correctly-switching-between-http-and-https-using-htaccess


http://www.besthostratings.com/articles/force-ssl-htaccess.html
0
 
LVL 17

Accepted Solution

by:
Anuroopsundd earned 2000 total points
ID: 37833542
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://domain.com/$1 [R,L]

http://davidwalsh.name/force-secure-ssl-htaccess
0
 
LVL 8

Expert Comment

by:X-treem
ID: 37833549
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:COwebmaster
ID: 37833648
Okay, I tried the following:

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

However, if type in www.domain.com, it does not redirect to https://www.domain.com

I also tried this:

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://domain.com/$1 [R,L]

And the page just hangs in the browser.

So, I don't want the user to redirect to any folder or page.  if the user types into the browser to www.domain.com/page-1 or http://www.domain.com/page-1, I want to redirect them to https://www.domain.com/page-1

So whichever page they are on, it converts to https.  Any ideas?
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37833672
RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://www.example.com/[R]
0
 

Author Comment

by:COwebmaster
ID: 37833723
Sorry, that didn't work either.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37833731
have you restarted apache after changes?
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 37833811
You may be able to do this in PHP, as well.
<?php // RAY_https_only.php
error_reporting(E_ALL);

// DEMONSTRATE HOW TO RESTRICT A SCRIPT SO THAT IT ONLY RUNS BEHIND HTTPS

// IF NOT HTTPS
if (empty($_SERVER["HTTPS"]))
{
    // CONSTRUCT THE HTTPS URL WE WANT, PRESERVING GET VARS
    $my_uri
    = 'https://'
    . $_SERVER["HTTP_HOST"]
    . $_SERVER["REQUEST_URI"]
    ;

    // BAIL OUT WITH 301 AND LOCATION
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: $my_uri");
    exit;
}

// ELSE WE ARE ALREADY IN HTTPS - START SESSION FOR HTTPS ONLY IN ALL SUBDIRECTORIES AND ALL SUBDOMAINS
$x = explode('.', strtolower($_SERVER["HTTP_HOST"]));
$y = count($x);
if ($y == 1) // MAYBE 'localhost'?
{
    $cookie_domain = $x[0];
}
else // SOMETHING LIKE 'www2.atf70.whitehouse.gov'?
{
    // USE THE LAST TWO POSITIONS TO MAKE THE HOST DOMAIN
    $cookie_domain = '.' . $x[$y-2] . '.' . $x[$y-1];
}

$sess_name = session_name();
if (session_start())
{
    // MAN PAGE: http://us2.php.net/manual/en/function.setcookie.php
    setcookie($sess_name, session_id(), NULL, '/', $cookie_domain, TRUE, TRUE);
}

Open in new window

0
 

Author Comment

by:COwebmaster
ID: 37833846
okay, and where would that php page go?

I didn't restart apache.  Do I need to  after making a change to the htaccess file?  So my file is like this:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /dev/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /dev/index.php [L]
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://www.domain.com/dev/ [R]
</IfModule>

Is that correct?
0
 

Author Comment

by:COwebmaster
ID: 37833930
Okay, I got it to work.  I placed the following in my functions.php page:

//force redirect to secure page
if($_SERVER['SERVER_PORT'] != '443') { header('Location: https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); exit(); }

That forced every page to https.
0
 

Author Closing Comment

by:COwebmaster
ID: 37833940
I got my php solution on David Walsh's site.  Thanks Anuroopsundd!
0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Ecommerce has truly become one of the most prosperous ways of monetizing your brand on the Internet. However, when it comes to it, auditing is undoubtedly the lifeblood of this type of business.  This article will help you to conduct your ecommerce …
The purpose of this video is to demonstrate how to set up the permalinks on a WordPress Website. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp-login.php : Go t…
The viewer will learn how to count occurrences of each item in an array.

602 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question