Solved

.htaccess  redirecting link to home page

Posted on 2013-01-04
14
310 Views
Last Modified: 2013-02-10
Hi,
I need help with my .htaccess file, all works well execpt if I try the following link

www.mywebsite.com.au/admin/view_upd_order.php?order_id=45

I get redirected to my home page

https://www.mywebsite.com.au/index.php

if I take out the 2 lines below all works OK but I lose the ability to force users to the SSL site?
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}


Any ideas what I am doing wrong?

Thanks for your help.

SetEnv PHPRC /home/mywebsite/public_html
Options +FollowSymLinks
Options +Indexes
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.mywebsite.com.au$ [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com.au/$1 [L,R=301] 
RewriteRule ([0-9]+)(.*)\.html$ index.php?page_id=$1
ErrorDocument 404 http://www.mywebsite.com.au/index.php

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RedirectMatch permanent ^/show/?$  http://www.mywebsite.com.au/showme.php
RedirectMatch permanent ^/showme/?$  http://www.mywebsite.com.au/showme.php

Open in new window

0
Comment
Question by:sabecs
  • 6
  • 5
  • 3
14 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 38747129
Need to look at it more, but I would suggest changing:

     ErrorDocument 404 http://www.mywebsite.com.au/index.php

To:

     ErrorDocument 404 https://www.mywebsite.com.au/index.php

If you really want to force all traffic to https.
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 38747203
My guess is that the forced SSL is rewriting the URL improperly, and it is then being picked up by the 404 rule.  You'll need to turn on mod_rewrite's log functionality to verify what is actually being tested.  Use "RewriteLogLevel 9" and post a single attempt to browse to the affected URL.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 333 total points
ID: 38747229
I would also change your:

RedirectMatch permanent ^/show/?$  http://www.mywebsite.com.au/showme.php
RedirectMatch permanent ^/showme/?$  http://www.mywebsite.com.au/showme.php

To go to https.  If you want to force SSL, then every redirect/rewrite you do should use https and not http.

I not so sure that your http rewrite rule is correct.  There are many different ways to for SSL, and I have seen a lot of then, not all, but a lot.  This was the 1st time I saw the way you are doing it.  I did find at least one place that had that way as an example so I must assume it works, but as routinet suggested, enabled logging and see what is going on.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 50

Assisted Solution

by:Steve Bink
Steve Bink earned 167 total points
ID: 38747512
>>> To go to https.  If you want to force SSL, then every redirect/rewrite you do
>>> should use https and not http.
>>> I not so sure that your http rewrite rule is correct.

While I think the rule will function as expected, I believe the logic of that particular approach is redundant.  It is checking to see if the server's internal HTTPS state is off or on.  Inside a normal port 80 vhost, that should always be off, and would therefore always be applied.  The rule I use for this same concept (as noted, this would be inside a port 80 vhost):

RewriteRule /?(.*) https://mydomain.com/$1 [R,L,QSA]

The difference here is that the above rule will forward *all* requests to the SSL version of the site, absent any other considerations.  The original rule will not fire if, somehow, an SSL-enabled request gets through to your "normal" site.  This rule is normally placed at the top of my list of rules, following only the rule that forbids the TRACE method.

The other consideration is that these rules are going into an .htaccess file, which is outside any specific <VirtualHost> container.  If you do not have access to the server's conf files, the existing rule is probably the better bet.
0
 

Author Comment

by:sabecs
ID: 38747615
Thanks for your help, very much appreciated.
I tried RewriteLogLevel 9 but received a server config error.

www.mywebsite.com.au/admin/view_upd_order.php?order_id=45

I did notice that the admin directory is password protected and the .htaccess file contains the following,

AuthUserFile "/home/mywebsite/.htpasswds/public_html/admin/passwd"
AuthName "Admin's Only"
AuthType Basic
require valid-user

If I remove it then link appears to work ok, so would I need to also change this .htaccess file?
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 38748340
The RewriteLogLevel directive must go in the server or virtual host conf file.  It can not be used in an htaccess file.  Without access to the rewrite log, further troubleshooting will be difficult.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38748411
Is there anything else in the .htaccess file for the admin directory?

Does your other .htaccess file work for URL's that don't need access to the admin directory?
0
 

Author Comment

by:sabecs
ID: 38749277
Thanks again for your help, there is nothing else in the .htaccess file for the admin directory and all other folders and links appear to work ok.

I just tried http://www.mywebsite.com.au/admin & www.mywebsite.com.au/admin and both of these get redirected to https://www.mywebsite.com.au/index.php also, but https://www.mywebsite.com.au/admin is OK..
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38749313
When you go to http://www.mywebsite.com.au/admin are you prompted for a userid and password?
0
 

Author Comment

by:sabecs
ID: 38749334
If I got to http://www.mywebsite.com.au/admin I am not prompted for a password, just get redirected to home page, only get prompted if I use https://
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38749345
Umm, I got to re-read. I thought that .htaccess files were supposed to processed "lowest" to highest", meaning if I had

/.htaccess
/admin/.htaccess

that the one in /admin would be processed first then the on in /.  I would expect you to be prompted.

What happens if you specific the full "admin" url of the default page?  Meaning something like /admin/index.php.
0
 

Author Comment

by:sabecs
ID: 38749467
0
 
LVL 57

Accepted Solution

by:
giltjr earned 333 total points
ID: 38749494
Although I don't think it should matter can you try using:



RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.mywebsite.com.au$ [NC]
RewriteRule ^(.*)$ https://www.mywebsite.com.au/$1 [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteRule ([0-9]+)(.*)\.html$ index.php?page_id=$1
ErrorDocument 404 http://www.mywebsite.com.au/index.php
0
 

Author Comment

by:sabecs
ID: 38749606
Thanks giltjr, I tried your suggestion but same again...
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now