How To Re-direct all Traffic to "WWW" Apache

Tessando
Tessando used Ask the Experts™
on
I am running Amazon Linux with Apache (for a Wordpress installation) and I'd like to redirect all traffic to the "WWW" instance of my site.

So, if someone types in "sitename.com" I'd like Apache to redirect them to "www.sitename.com".

Thanks for your help
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Sr. Network / Systems Admin
Commented:
Assuming you have mod rewrite enabled in apache, and have configured your httpd.conf to allow .htaccess, you would then create an .htaccess file in your web root (base directory your site is pointing to), and place this in that .htaccess file:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

Open in new window

Dr. KlahnPrincipal Software Engineer

Commented:
We've discussed this issue over the last year several times and it would be worth while to look up those discussions.  It is not as simple as it seems.

HTTP requests must be redirected via HTTP.  HTTP requests cannot be redirected to HTTPS due to the lack of previous negotiation.  HTTPS requests must be redirected via HTTPS.  So the actual rewrite rule is more complicated that it would appear.
TessandoIT Administrator

Author

Commented:
Kent's solution worked for now. This is just a simple Wordpress site in AWS. Thank you for your contribution and pointing me in the right direction. I will be reading those discussions as Dr. Klahn mentioned for my own understanding. Thanks again.
David FavorFractional CTO
Distinguished Expert 2018

Commented:
As Dr. Klahn suggested, the first step is having a correctly configured HTTPS setup...

To me this includes, HTTP2 + HTTPS (HSTS + OSCP Stapling) + Brotli. This combination produces HTTPS speed which runs circles around most HTTP setups.

The next step is configuring a site to avoid any duplicate content penalties from indexes, especially Google.

Use to be having HTTP + HTTPS or www hosts return content was acceptable. These days are long gone. If you make this mistake you'll have a functional setup + zero SEO traction in any index.

The following is the template I use for many 1000s of sites, which makes use of LetsEncrypt.org for cert generation, as LetsEncrypt certs can be auto renewed forever via a simple CRON job, to reduce renewal work to zero.

<VirtualHost *:80>
   ServerName  www.WEBSITE
   ServerAdmin support@WEBSITE
   RewriteEngine on
   RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
   RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [NC,L,R=302]
   Include logging.conf
</VirtualHost>

<VirtualHost *:80>
   ServerName  WEBSITE
   ServerAdmin support@WEBSITE
   RewriteEngine on
   RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NC,L,R=302]
   Include logging.conf
</VirtualHost>

<IfModule mod_ssl.c>

   <VirtualHost *:443>

      ServerName  www.WEBSITE
      ServerAdmin support@WEBSITE

      RewriteEngine on
      RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
      RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [L,R=302]

      Include logging.conf

      SSLEngine on
      SSLUseStapling on

      SSLCertificateFile    /etc/letsencrypt/live/WEBSITE/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/WEBSITE/privkey.pem

      # Enable HTTP Strict Transport Security with a 2 year duration
      Header always set Strict-Transport-Security "max-age=63072000; preload"

   </VirtualHost>

   <VirtualHost *:443>

      ServerName  WEBSITE
      ServerAdmin support@WEBSITE

      DocumentRoot /sites/OWNER/WEBSITE/TYPE

      <Directory /sites/OWNER/WEBSITE/TYPE>
          Options +Indexes +FollowSymLinks
          AllowOverride All 
          Require all granted
      </Directory>

      Include logging.conf

      SSLEngine on
      SSLUseStapling on

      SSLCertificateFile    /etc/letsencrypt/live/WEBSITE/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/WEBSITE/privkey.pem

      # Enable HTTP Strict Transport Security with a 2 year duration
      Header always set Strict-Transport-Security "max-age=63072000; preload"

   </VirtualHost>

</IfModule>

Open in new window


This approach also organizes sites using an OWNER concept which might be a project, account, client, whatever.

Notice the 302 redirects, rather than 301 redirects.

Beware of guides which suggest 301 redirects, as many small fortunes have been lost from using 301s rather than 302s, as 301s cache in browsers forever, making it impossible to change a redirect target.
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Just noticed an update was made while I was typing.

Kent's solution is minimally sufficient.

To maximize income via 100% flexibility for any future changes, best use a template similar to what I posted.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial