Wild card redirection for HTTPS and Non-www version

htaccess https
27,165

Solution 1

Looks like you didn't "escape" the slashes in your directive. Putting backslashes before any / . or : should make it work. Also adding the ^ ("begins with") and $ ("ends with") on the wildcard helps. Here is what we use:

Standard Domain: Perhaps there is a consolidated way, but this snippet should work for a standard domain. Change the target of the first RewriteRule to https if you need all to https mode:

RewriteCond %{HTTP_HOST} ^example\.com$
RewriteRule ^(.*)$ "http\:\/\/www\.example\.com\/$1" [R=301,L]

RewriteCond %{HTTPS_HOST} ^example\.com$
RewriteRule ^(.*)$ "https\:\/\/www\.example\.com\/$1" [R=301,L]

Addon Domain: If you are trying to do this with an "addon domain", and want to redirect the subdomain utility scheme, this would do that. Again, change the target of first directive to https and it should force SSL:

RewriteCond %{HTTP_HOST} ^addondomain\.example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.addondomain\.example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^addondomain\.com$
RewriteRule ^(.*)$ "http\:\/\/www\.addondomain\.com\/$1" [R=301,L]

RewriteCond %{HTTPS_HOST} ^addondomain\.example\.com$ [OR]
RewriteCond %{HTTPS_HOST} ^www\.addondomain\.example\.com$ [OR]
RewriteCond %{HTTPS_HOST} ^addondomain\.com$
RewriteRule ^(.*)$ "https\:\/\/www\.addondomain\.com\/$1" [R=301,L]

Hope that helps!

Solution 2

A few assumptions:

  1. Everything should be redirected to HTTPS
  2. Only the apex domain should be redirected to the www subdomain. Subdomains are not redirected to the www sub-subdomain. ie. subdomain.example.com is not redirected to www.subdomain.example.com.
  3. Your SSL cert covers the main subdomain, www subdomain and all subdomains.
  4. Your SSL cert is installed on the application server, not a front-end proxy.

Try something like the following using mod_rewrite in the root .htaccess file:

RewriteEngine On

# Redirect the apex domain to www subdomain (ensure HTTPS)
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule (.*) https://www.%{HTTP_HOST}/$1 [R=301,L]

# Redirect to HTTPS if not already
RewriteCond %{HTTPS} !on
RewriteRule (.*) Https://%{HTTP_HOST}/$1 [R=301,L]

NB: To help with development it is often easier to test with 302 (temporary) redirects, which are not cached by the browser. 301 (permanent) redirects are cached hard by the browser (by default), so can make testing problematic.

Share:
27,165

Related videos on Youtube

SherylHohman
Author by

SherylHohman

JavaScript, React.js, React-Redux, React Native, node.js, git, bash Also: Python 3, Deep Learning, TensorFlow, Keras, numpy, Jupyter notebook Hartman Products: Vice President, CTO Keen interest in education: TA'd for: Hack Reactor Core Telegraph Academy Software Engineering Intensive Prep Course, Rio Vista Library, CSU Sacramento SO ready to help.

Updated on September 18, 2022

Comments

  • SherylHohman
    SherylHohman over 1 year

    I want to enable SSL for my main website and sub-domain websites. For SEO reasons, I need to redirect HTTP requests to HTTPS requests. I think I should do that using a wild card redirect in my .htaccess file, but, I already have a wild card redirect in my htaccess file as follows:

    RewriteCond %{HTTP_HOST} ^mscaspian.com$
RewriteRule (.*) http://www.mscaspian.com/$1 [R=301,L]

    As you can see, that will redirect Non-WWW version of my site to WWW version. I need to know how to utilize Both Redirects for my websites and domain.

    • Simon Hayter
      Simon Hayter over 9 years
      You wouldn't be able to do this on the .htaccess level unless your Domain DNS is setup to support a wildcard. Basically standard DNS will support CNAME and A Record. www = cname, so unless your dns supports cname = * then you can't do that, it'd only work for created CNAMES. Also, what is the purpose of this? seems like your trying to fix a wheel that isn't broken.
    • Admin
      Admin over 9 years
      can you please be more clear about that explanation? i am using cloudflare's name servers. what i'm gonna do is perfectly natural. the redirects including (non-www to www and http to https) are both for the sake of SEO matters.
  • Admin
    Admin over 9 years
    The first one worked perfect for me. thank you! i really need to have some basics of http requests. would you please explain what exactly those 2 directives do? because when i look at the redirects page of Cpanel i only see one redirection. and the second example is brilliant but i don't use Add-on domains, instead i need to know how to set this up for a website ( in my case a wordpress one ) located in a sub-folder. I've read many articles about that process but i want to know whether it is possible through Htaccess, too.
  • dhaupin
    dhaupin over 9 years
    I wouldnt trust what cPanel says about redirects you make manually in HT. Basically it looks for any derivative and pushes URL to www mode, then puts the original URi at the end of that. As far as redirecting wordpress goes, it should be possible with HT. How are you pointing your domain relative to the wordpress install folder? Do you use an A record or is it sitting right in folder? And do you want to mask the install folder in WP URL?
  • Admin
    Admin over 9 years
    well i'm not using A record for websites in sub-folders. each site is in its own folder. if your meaning by "masking the install folder" is that to change the install folder and yet keep the website accessible on its address then it will be good to do that, if that won't make it complicated to redirect. the reason why i need to redirect wordpress site through HT is that that way all the files (js, css, images etc) will also load through https.
  • freedev
    freedev almost 7 years
    HTTPS_HOST does not exist.
  • MrWhite
    MrWhite over 6 years
    "Looks like you didnt escape the slashes..." - Slashes, dots and colons don't need to be escaped in the RewriteRule substitution - it's an ordinary string. But slashes and colons don't need to be escaped in mod-rewrite regex either. (cPanel escapes everything - but that's just cPanel.) "Also adding the ^ and $ on the wildcard helps." - that's entirely optional, it doesn't "help" the regex. And as freedev suggests, HTTPS_HOST is either very non-standard, or a typo? (TBH, it looks like a typo, the standard vars are HTTP_HOST and HTTPS.)
  • Klaaz
    Klaaz about 5 years
    Great solution! Just add a forward to a non www domain and it will be perfect!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

HTTP request to an API has been blocked from an HTTPS website
How to redirect HTTPS to HTTP behind proxy (CloudFlare)
How to force ssl and www for a subdomain as an independent domain?
htaccess redirect non-www to www with SSL/HTTPS
Properly force SSL with .htaccess, no double authentication
htaccess force HTTPS except one page
Forcing SSL and www in .htaccess
Forcing HTTPS with .htaccess on site with Wordpress in subfolder
CERTIFICATE_VERIFY_FAILED flutter
flutter URI.https: type 'int' is not a subtype of type 'Iterable<dynamic>' error