?
Solved

.htacces, redirect http to https

Posted on 2014-04-18
3
Medium Priority
?
363 Views
Last Modified: 2014-04-29
I'm hoping this one is easy.

Here is our current .htaccess file

AddType application/octet-stream .ova

RewriteEngine on
# do not do anything for already existing files
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule .+ - [L]

# Handle redirection to routes
RewriteRule     ^public/(.*) app/routes/public/$1 [L]
RewriteRule     ^admin/(.*) app/routes/admin/www/$1 [L]
RewriteRule     ^adminv2/(.*) app/routes/adminv2/www/$1 [L]

# Handle framework requests
RewriteRule ^(.*)$ app/routes/public/$1  [L]
AddType x-httpd-php53 .php

Open in new window


It redirects all requests to a CMS file which handles displaying the correct page. We've also got stuff in there which allows links to direct files to work.

I'm trying to force all http requests to https, however when I try to add it, it either breaks links to direct files, breaks the CMS, or forces the browser into a loop.

The rules I think we need to add are; the first rule redirects non-www to www, the second I think should handle the redirection of http.

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.voip-sec.com/$1 [L,R=301]

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.voip-sec.com/$1 [L,R=301]

Open in new window


but I seem to be unable to get them to work correctly with the existing rules.
0
Comment
Question by:SheppardDigital
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 40008744
1. Check out my article on .htaccess - it might be helpful:
http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/A_10732-The-Basics-of-htaccess-Files-and-URL-Redirection.html

2. If you've added those rules to the end, then any previous rules that "hit" will keep your new rules from being executed, because of the "L" flag which indicates the Last Rule (my article covers this), so try adding them above the other rules.

3. I would suggest making your first "non-www-to-www" rule also redirect them to https at the same time so you avoid a second redirect.
0
 

Author Comment

by:SheppardDigital
ID: 40009332
Thanks, I've amended the .htaccess file to this...

AddType application/octet-stream .ova

RewriteEngine on

RewriteCond %{HTTP_HOST} !^www.voip-sec.com$ [NC]
RewriteRule ^(.*)$ https://www.voip-sec.com/$1 [R]

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.voip-sec.com/$1 [L,R=301]

# do not do anything for already existing files
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule .+ - [L]

# Handle redirection to routes
RewriteRule     ^public/(.*) app/routes/public/$1 [L]
RewriteRule     ^admin/(.*) app/routes/admin/www/$1 [L]
RewriteRule     ^adminv2/(.*) app/routes/adminv2/www/$1 [L]

# Handle framework requests
RewriteRule ^(.*)$ app/routes/public/$1  [L]
AddType x-httpd-php53 .php

Open in new window


My reasoning is I'm saying if HTTPS is off, then redirect to the https URL using a redirect and the L flag to stop processing further rules. In theory I think this should work, however it sends the script in a redirect. The URL does indeed change to https but it's like the .htaccess file doesn't see the https in the URL and constantly tries to redirect.

I did try using PHP to do this, but I believe some setting on the server always returns port 80 as the port regardless of whether the protocol is http or https. I'm not sure if this could be the cause of the problem?
0
 
LVL 35

Accepted Solution

by:
gr8gonzo earned 2000 total points
ID: 40009648
Try changing your HTTPS condition from "off" to "!=on"
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses
Course of the Month7 days, 19 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question