Home > Software design >  htaccess file for http to https redirection does not work
htaccess file for http to https redirection does not work

Time:11-30

I have a problem and can't understand wht it does not work...

  • I have a website in www.example.com/FOLDER
  • I try to create a http to https htaccess file (of course my server supports it)
  • So i create an .htaccess file in the FOLDER subir as so:
RewriteEngine On  
 RewriteCond %{HTTPS} off  
 RewriteRule FOLDER/(.*) https://www.example.com/FOLDER/$1 [R,L]

but it does not work: if I browse to http://www.example.com/FOLDER/index.php, it remains in http, it is not redirected to https://...

I also tried

RewriteCond %{HTTPS} off  
RewriteCond %{REQUEST_URI} FOLDER 
RewriteRule FOLDER/(.*) https://www.example.com/FOLDER/$1 [R,L]

but still no luck...

If i try:

RewriteCond %{HTTPS} off   
RewriteRule (.*) https://www.example.com/FOLDER/$1 [R,L]

the server replies error: too many redirects... (which I dont understand since the redirect should go in https and so the condition should not apply the 2nd time...)

If I do all that stuff in an .htaccess file in the root directory I still have the same problems...

BUT, if I do

http://www.example.com/FOLDER/SUBFOLDER

then it works and sends me to

https://www.example.com/FOLDER/SUBFOLDER

What am I missing??

Additional data requested:

SERVER:

[PHP_INI_SCAN_DIR] => :/web/htdocs/www.example.com/php.d
    [PORTID] => 10018
    [DOMAINNAME] => www.example.com
    [APACHE_MAX_SPARE] => 3
    [WORKERS] => 35
    [APACHE_THREADS] => 5
    [PM_MAX_CHILDREN] => 40
    [SUPERVISOR_GROUP_NAME] => php-fpm
    [PATH] => /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    [PM_MAX_REQUESTS] => 1000
    [HOME] => /root
    [PM_PROCESS_IDLE_TIMEOUT] => 60s
    [LANG] => en_US.utf8
    [TERM] => xterm
    [SUPERVISOR_SERVER_URL] => unix:///var/run/supervisor/supervisor.sock
    [APACHE_SERVER_LIMITS] => 8
    [SHLVL] => 0
    [SUPERVISOR_ENABLED] => 1
    [GROUPNAME] => 18729849
    [PM] => dynamic
    [USERNAME] => 18729849
    [APACHE_MIN_SPARE] => 1
    [SUPERVISOR_PROCESS_NAME] => php-fpm
    [MAINDOMAINNAME] => www.example.com
    [APACHE_MAX_WORKERS] => 40
    [HOSTNAME] => webxc250s02.ad.xxxx.xx
    [APACHE_START_SERVERS] => 1
    [PWD] => /
    [SCRIPT_NAME] => /ser.php
    [REQUEST_URI] => /ser.php
    [QUERY_STRING] => 
    [REQUEST_METHOD] => GET
    [SERVER_PROTOCOL] => HTTP/1.0
    [GATEWAY_INTERFACE] => CGI/1.1
    [REMOTE_PORT] => 10410
    [SCRIPT_FILENAME] => /web/htdocs/www.example.com/home/ser.php
    [SERVER_ADMIN] => [email protected]
    [CONTEXT_DOCUMENT_ROOT] => /web/htdocs/www.example.com/home/
    [CONTEXT_PREFIX] => 
    [REQUEST_SCHEME] => http
    [DOCUMENT_ROOT] => /web/htdocs/www.example.com/home/
    [REMOTE_ADDR] => nnn
    [SERVER_PORT] => 80
    [SERVER_ADDR] => nnn
    [SERVER_NAME] => www.example.com
    [SERVER_SOFTWARE] => Apache
    [SERVER_SIGNATURE] =>      
    [HTTP_ACCEPT_LANGUAGE] => it-IT,it;q=0.9,en-US;q=0.8,en;q=0.7,la;q=0.6,pt;q=0.5,fr;q=0.4,de;q=0.3,es;q=0.2
    [HTTP_ACCEPT_ENCODING] => gzip, deflate, br
    [HTTP_SEC_CH_UA_PLATFORM] => "Windows"
    [HTTP_SEC_CH_UA_MOBILE] => ?0
    [HTTP_SEC_CH_UA] => " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96"
    [HTTP_SEC_FETCH_DEST] => document
    [HTTP_SEC_FETCH_USER] => ?1
    [HTTP_SEC_FETCH_MODE] => navigate
    [HTTP_SEC_FETCH_SITE] => none
    [HTTP_ACCEPT] => text/html,application/xhtml xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
    [HTTP_UPGRADE_INSECURE_REQUESTS] => 1
    [HTTP_CONNECTION] => close
    [HTTP_X_FORWARDED_PROTO] => https
    [HTTP_X_FORWARDED_PORT] => 443
    [HTTP_X_REAL_IP] => nnn
    [HTTP_HOST] => www.example.com
    [proxy-nokeepalive] => 1
    [HTTPS] => on
    [UNIQUE_ID] => xxx
    [FCGI_ROLE] => RESPONDER
    [PHP_SELF] => /ser.php
    [REQUEST_TIME_FLOAT] => 1638222363.152
    [REQUEST_TIME] => 1638222363

.htaccess in the root

Options  Indexes  

ErrorDocument 401 default

RewriteEngine On
   
RewriteRule ^$  https://www.example.com/index.php [QSA,L,R=301]
  
RewriteCond %{REQUEST_URI} ^/admin [NC]
RewriteRule (.*) $1 [QSA,L]
   
RewriteCond %{REQUEST_URI} !^admin [NC]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule (.*) $1 [QSA,L]
#RewriteRule ^(. ) - [PT,L] 
  
RewriteCond %{REQUEST_URI} nologin
RewriteRule ^(.*)/nologin$ https://www.example.com/$1?nologin [QSA,L,R]
 
RewriteCond %{REQUEST_URI} login
RewriteRule ^(.*)/login$ https://www.example.com/$1?login [QSA,L,R]
  
RewriteRule ^(.*)\.png$ - [L] 
RewriteRule ^(.*)\.jpg$ - [L] 
RewriteRule ^(.*)\.gif$ - [L]  
RewriteRule ^(.*)\.ico$ - [L] 
RewriteRule ^(.*)\.ico$ - [L]  
RewriteRule ^(.*)\.txt$ - [L]   
RewriteRule ^(.*)\.xml$ - [L]  
RewriteRule ^(.*)\.php$ - [L]    
 
RewriteRule ^home$ my.php?layout= [QSA,L]
RewriteRule ^home/$ my.php?layout= [QSA,L]
RewriteRule ^home/([^/]*)$ my.php?layout=$1 [QSA,L]
RewriteRule ^home/([^/]*/)$ my.php?layout=$1 [QSA,L]
RewriteRule ^home/([^/]*)/(.*)$ my.php?layout=$1&page=$2 [QSA,L] 
RewriteRule ^([^/]*)$ my.php?e3=$1 [QSA,L]
RewriteRule ^([^/]*)/$ my.php?e3=$1 [QSA,L]
RewriteRule ^([^/]*)/([^/]*)$ my.php?e3=$1&layout=$2 [QSA,L]
RewriteRule ^([^/]*)/([^/]*)/$ my.php?e3=$1&layout=$2 [QSA,L]
RewriteRule ^([^/]*)/([^/]*)/(.*)$ my.php?e3=$1&layout=$2&page=$3 [QSA,L]
RewriteRule ^(.*) we.php?layout=default [L]

ErrorDocument 404 /errors/404.html

CodePudding user response:

[HTTP_X_FORWARDED_PROTO] => https
[HTTP_X_FORWARDED_PORT] => 443
[HTTP_X_REAL_IP] => nnn
:
[HTTPS] => on

You are evidently behind a proxy server of some kind. It is unclear here whether HTTPS is the Apache server variable or an environment variable of the same name, set by your system. I assume the later, since you were getting a redirect-loop when testing against %{HTTPS} off in Apache.

If you are wanting to apply this only to the /FOLDER/ subdirectory then create a /FOLDER/.htaccess file and try the following:

# /FOLDER/.htaccess

RewriteEngine On

# Redirect HTTP to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R,L]

This tests the X-Forwarded-Proto HTTP request header which is set by an intermediary proxy. This rule should only be used if you are behind a proxy server (as appears to be the case), since this header could otherwise be faked.

This should ultimately be a 301 (permanent) redirect, so change R to R=301 once you have confirmed this works as intended.

Note that mod_rewrite directives are not inherited (by default) so the mod_rewrite directives in the root .htaccess file are not processed.

Page link:https//www.codepudding.com/Softwaredesign/210178.html

Prev:Optimal way to transfer values from a Map<K, V<List>> to a Map<otherKey, otherValue&l
Next:On which table Subtotal of Item ordered values stored in magento 2 admin?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding