Jump to content

confusion with .htaccess coding and SSL


pioneerx01

Recommended Posts

I have a web hosting package what has multiple damins under it, hence there is only .htaccess for all domains in the root directory.

 

Only one of my domains has SSL on it. What I need to do, is force SSL on that domain when users use non SSL link or domain and I need to have www. in the fornt if it is not listed. For example:

 

if the come from mydomain.com they need to go to https://www.mydomain.com

if the come from www.mydomain.com they need to go to https://www.mydomain.com

if the come from mydomain.com/events they need to go to https://www.mydomain.com/events

if the come from www.mydomain.com/events/register.php they need to go to https://www.mydomain.com/events/register.php

 

I have looked on google, but none seem to take into account that I have other domains besides mydomain.com that are not SSL. I need only mydomain.com traffic redirected to SSL not all the domains.

 

Any help would be appreciated

Thanks

Link to comment
Share on other sites

Most are on the lines of

 

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

 

or

 

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

 

 

However they all default to the domain listed in the code or domain they requested originally. Yes, I am probably missing just one line that specifies "run only on this URL", but I have never worked with .htaccess code, so I have no idea how to code it porperply.

 

Something like this, but there needs to be OR between the first two conditions. Maybe I should write each independenly?

 

RewriteEngine On

RewriteCond %{HTTP_HOST} domain.com

RewriteCond %{HTTP_HOST} www.domain.com

RewriteCond %{HTTPS} != on

RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Edited by pioneerx01
Link to comment
Share on other sites

The second argument for RewriteCond is a regular expression, so you just make the www. part optional with a ? quantifier.

RewriteCond %{HTTP_HOST} (www.)?domain.com
There is a way to join the conditions as an OR however, by specifying the [OR] flag after the condition. With that you can take care of both your ssl requirement and you hostname requirement.

RewriteCond %{HTTP_HOST} (www.)?example.com 
RewriteCond %{HTTPS} =off [OR] 
RewriteCond %{HTTP_HOST} !www.example.com
RewriteRule (.*) https://www.example.com$1 [R=301,QSA,L] 
Link to comment
Share on other sites

Again this could be my lack on .htaccess coding knowledge, but should't the code be:

RewriteCond %{HTTPS} =off
RewriteCond %{HTTP_HOST} (www.)?example.com [OR] 
RewriteCond %{HTTP_HOST} !www.example.com
RewriteRule (.*) https://www.example.com$1 [R=301,QSA,L] 

Because the one listed by kicken in above post in my mind reads:

If (HTTP_HOST == “www.example.com” and (HTTPS == “off” OR HTTP_HOST != “www.example.com”)) rewriterule…

So if I come from "example.com" I will not get redirected to SSL

 

I will try the code anyways once it gets later in the evening/early morning. I want to minimaze the number of pottential users during the day that might be effected.

 

Thanks

Link to comment
Share on other sites

Mine would read as:

if (HTTP_HOST matches /(www.)?example.com/ AND (HTTPS=off OR HTTP_HOST does not match /www.example.com/)) redirect
The first line limits the rules to only requests for www.example.com or example.com.

The second line tests if SSL is not enabled

The third line tests if the host is something other than www.example.com (which due to the first condition, could only be example.com)

 

Because the second and third lines are joined with an [OR] tag, if either of them is true (ssl is not enabled OR the host is not www.example.com) it will redirect to www.example.com

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.