Solved

.htaccess  redirecting link to home page

Posted on 2013-01-04
14
308 Views
Last Modified: 2013-02-10
Hi,
I need help with my .htaccess file, all works well execpt if I try the following link

www.mywebsite.com.au/admin/view_upd_order.php?order_id=45

I get redirected to my home page

https://www.mywebsite.com.au/index.php

if I take out the 2 lines below all works OK but I lose the ability to force users to the SSL site?
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}


Any ideas what I am doing wrong?

Thanks for your help.

SetEnv PHPRC /home/mywebsite/public_html
Options +FollowSymLinks
Options +Indexes
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.mywebsite.com.au$ [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com.au/$1 [L,R=301] 
RewriteRule ([0-9]+)(.*)\.html$ index.php?page_id=$1
ErrorDocument 404 http://www.mywebsite.com.au/index.php

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RedirectMatch permanent ^/show/?$  http://www.mywebsite.com.au/showme.php
RedirectMatch permanent ^/showme/?$  http://www.mywebsite.com.au/showme.php

Open in new window

0
Comment
Question by:sabecs
  • 6
  • 5
  • 3
14 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 38747129
Need to look at it more, but I would suggest changing:

     ErrorDocument 404 http://www.mywebsite.com.au/index.php

To:

     ErrorDocument 404 https://www.mywebsite.com.au/index.php

If you really want to force all traffic to https.
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 38747203
My guess is that the forced SSL is rewriting the URL improperly, and it is then being picked up by the 404 rule.  You'll need to turn on mod_rewrite's log functionality to verify what is actually being tested.  Use "RewriteLogLevel 9" and post a single attempt to browse to the affected URL.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 333 total points
ID: 38747229
I would also change your:

RedirectMatch permanent ^/show/?$  http://www.mywebsite.com.au/showme.php
RedirectMatch permanent ^/showme/?$  http://www.mywebsite.com.au/showme.php

To go to https.  If you want to force SSL, then every redirect/rewrite you do should use https and not http.

I not so sure that your http rewrite rule is correct.  There are many different ways to for SSL, and I have seen a lot of then, not all, but a lot.  This was the 1st time I saw the way you are doing it.  I did find at least one place that had that way as an example so I must assume it works, but as routinet suggested, enabled logging and see what is going on.
0
 
LVL 50

Assisted Solution

by:Steve Bink
Steve Bink earned 167 total points
ID: 38747512
>>> To go to https.  If you want to force SSL, then every redirect/rewrite you do
>>> should use https and not http.
>>> I not so sure that your http rewrite rule is correct.

While I think the rule will function as expected, I believe the logic of that particular approach is redundant.  It is checking to see if the server's internal HTTPS state is off or on.  Inside a normal port 80 vhost, that should always be off, and would therefore always be applied.  The rule I use for this same concept (as noted, this would be inside a port 80 vhost):

RewriteRule /?(.*) https://mydomain.com/$1 [R,L,QSA]

The difference here is that the above rule will forward *all* requests to the SSL version of the site, absent any other considerations.  The original rule will not fire if, somehow, an SSL-enabled request gets through to your "normal" site.  This rule is normally placed at the top of my list of rules, following only the rule that forbids the TRACE method.

The other consideration is that these rules are going into an .htaccess file, which is outside any specific <VirtualHost> container.  If you do not have access to the server's conf files, the existing rule is probably the better bet.
0
 

Author Comment

by:sabecs
ID: 38747615
Thanks for your help, very much appreciated.
I tried RewriteLogLevel 9 but received a server config error.

www.mywebsite.com.au/admin/view_upd_order.php?order_id=45

I did notice that the admin directory is password protected and the .htaccess file contains the following,

AuthUserFile "/home/mywebsite/.htpasswds/public_html/admin/passwd"
AuthName "Admin's Only"
AuthType Basic
require valid-user

If I remove it then link appears to work ok, so would I need to also change this .htaccess file?
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 38748340
The RewriteLogLevel directive must go in the server or virtual host conf file.  It can not be used in an htaccess file.  Without access to the rewrite log, further troubleshooting will be difficult.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38748411
Is there anything else in the .htaccess file for the admin directory?

Does your other .htaccess file work for URL's that don't need access to the admin directory?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:sabecs
ID: 38749277
Thanks again for your help, there is nothing else in the .htaccess file for the admin directory and all other folders and links appear to work ok.

I just tried http://www.mywebsite.com.au/admin & www.mywebsite.com.au/admin and both of these get redirected to https://www.mywebsite.com.au/index.php also, but https://www.mywebsite.com.au/admin is OK..
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38749313
When you go to http://www.mywebsite.com.au/admin are you prompted for a userid and password?
0
 

Author Comment

by:sabecs
ID: 38749334
If I got to http://www.mywebsite.com.au/admin I am not prompted for a password, just get redirected to home page, only get prompted if I use https://
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38749345
Umm, I got to re-read. I thought that .htaccess files were supposed to processed "lowest" to highest", meaning if I had

/.htaccess
/admin/.htaccess

that the one in /admin would be processed first then the on in /.  I would expect you to be prompted.

What happens if you specific the full "admin" url of the default page?  Meaning something like /admin/index.php.
0
 

Author Comment

by:sabecs
ID: 38749467
0
 
LVL 57

Accepted Solution

by:
giltjr earned 333 total points
ID: 38749494
Although I don't think it should matter can you try using:



RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.mywebsite.com.au$ [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com.au/$1 [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteRule ([0-9]+)(.*)\.html$ index.php?page_id=$1
ErrorDocument 404 http://www.mywebsite.com.au/index.php
0
 

Author Comment

by:sabecs
ID: 38749606
Thanks giltjr, I tried your suggestion but same again...
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now