Solved

.htacces, redirect http to https

Posted on 2014-04-18
3
354 Views
Last Modified: 2014-04-29
I'm hoping this one is easy.

Here is our current .htaccess file

AddType application/octet-stream .ova

RewriteEngine on
# do not do anything for already existing files
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule .+ - [L]

# Handle redirection to routes
RewriteRule     ^public/(.*) app/routes/public/$1 [L]
RewriteRule     ^admin/(.*) app/routes/admin/www/$1 [L]
RewriteRule     ^adminv2/(.*) app/routes/adminv2/www/$1 [L]

# Handle framework requests
RewriteRule ^(.*)$ app/routes/public/$1  [L]
AddType x-httpd-php53 .php

Open in new window


It redirects all requests to a CMS file which handles displaying the correct page. We've also got stuff in there which allows links to direct files to work.

I'm trying to force all http requests to https, however when I try to add it, it either breaks links to direct files, breaks the CMS, or forces the browser into a loop.

The rules I think we need to add are; the first rule redirects non-www to www, the second I think should handle the redirection of http.

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.voip-sec.com/$1 [L,R=301]

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.voip-sec.com/$1 [L,R=301]

Open in new window


but I seem to be unable to get them to work correctly with the existing rules.
0
Comment
Question by:SheppardDigital
  • 2
3 Comments
 
LVL 34

Expert Comment

by:gr8gonzo
ID: 40008744
1. Check out my article on .htaccess - it might be helpful:
http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/A_10732-The-Basics-of-htaccess-Files-and-URL-Redirection.html

2. If you've added those rules to the end, then any previous rules that "hit" will keep your new rules from being executed, because of the "L" flag which indicates the Last Rule (my article covers this), so try adding them above the other rules.

3. I would suggest making your first "non-www-to-www" rule also redirect them to https at the same time so you avoid a second redirect.
0
 

Author Comment

by:SheppardDigital
ID: 40009332
Thanks, I've amended the .htaccess file to this...

AddType application/octet-stream .ova

RewriteEngine on

RewriteCond %{HTTP_HOST} !^www.voip-sec.com$ [NC]
RewriteRule ^(.*)$ https://www.voip-sec.com/$1 [R]

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.voip-sec.com/$1 [L,R=301]

# do not do anything for already existing files
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule .+ - [L]

# Handle redirection to routes
RewriteRule     ^public/(.*) app/routes/public/$1 [L]
RewriteRule     ^admin/(.*) app/routes/admin/www/$1 [L]
RewriteRule     ^adminv2/(.*) app/routes/adminv2/www/$1 [L]

# Handle framework requests
RewriteRule ^(.*)$ app/routes/public/$1  [L]
AddType x-httpd-php53 .php

Open in new window


My reasoning is I'm saying if HTTPS is off, then redirect to the https URL using a redirect and the L flag to stop processing further rules. In theory I think this should work, however it sends the script in a redirect. The URL does indeed change to https but it's like the .htaccess file doesn't see the https in the URL and constantly tries to redirect.

I did try using PHP to do this, but I believe some setting on the server always returns port 80 as the port regardless of whether the protocol is http or https. I'm not sure if this could be the cause of the problem?
0
 
LVL 34

Accepted Solution

by:
gr8gonzo earned 500 total points
ID: 40009648
Try changing your HTTPS condition from "off" to "!=on"
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question