I have the following configuration,
RewriteCond %{HTTPS} !^on$ [nocase,ornext]
RewriteCond %{HTTP_HOST} !^www\. [nocase,ornext]
RewriteCond %{HTTP_HOST} !\.com$ [nocase]
RewriteRule ^(.*)$ https://www.acme.com/$1 [redirect=301,last]
the purpose is to redirect to a canonical URL if the request is either not HTTPS, nor begins with www. or ends with .com.
For being seamlessly compatible with developer engines, I want to exclude all these directives if %{HTTP_HOST} includes, for example, dev.internal or so. In this case the RewriteRule should be skipped immediately. Since the three ORs are evaluated with the higher precedence than an (implicit) AND, I wonder how and where to place my dev.internal exception...
Thanks for any advice!
//edit: hmm... if OR has the higher precendence, shouldn't
RewriteCond %{HTTP_HOST} !internal\. [nocase]
RewriteCond %{HTTP:X-Forwarded-Proto} !^https$ [nocase,ornext]
RewriteCond %{HTTP_HOST} !^www\. [nocase,ornext]
RewriteCond %{HTTP_HOST} !\.com$ [nocase]
RewriteRule ^(.*)$ https://www.acme.com/$1 [redirect=301,last]
work then?
If my understanding of ornext is correct then yes, your way should work (can someone else confirm it?).
Here's another way, if you don't want to rely on that:
RewriteCond %{HTTP_HOST} internal\. [nocase] # If it's an internal host...
RewriteRule .* - [skip=1] # ... skip the next rule (and leave the URL unchanged)
RewriteCond %{HTTP:X-Forwarded-Proto} !^https$ [nocase,ornext]
RewriteCond %{HTTP_HOST} !^www\. [nocase,ornext]
RewriteCond %{HTTP_HOST} !\.com$ [nocase]
RewriteRule ^(.*)$ https://www.acme.com/$1 [redirect=301,last]
Related
I am trying to redirect all requests coming in to the web server as http://portal.company.com/legacy to http://portal.company.com/wps/portal/public/legacy/legacyportlet with the following rule, but it is not working as expected.
RewriteEngine on
RewriteCond %{HTTP_HOST} ^portal\.company\.com$ [NC]
RewriteCond %{REQUEST_URI} ^/legacy$ [NC]
RewriteRule ^(.*)$ /wps/portal/public/legacy/legacyportlet$1 [NC,L,PT]
I have also tried
RewriteCond %{HTTP_HOST} ^portal\.company\.com$ [NC]
RewriteRule ^/legacy /wps/portal/public/legacy/legacyportlet [NC,L,PT]
Any help would be greatly appreciated!
Thanks
It doesn't look like your source or target URLs change in any way, so possibly you're better off using Apache's basic Redirect directive which just redirects one URL to another.
Use this rule:
RewriteCond %{HTTP_HOST} ^portal\.company\.com$ [NC]
RewriteRule ^legacy/?$ /wps/portal/public/legacy/legacyportlet [NC,L]
Remember that in .htaccess RewriteRule doesn't match leading slash of URI.
I'm trying to use mod_rewrite to redirect certain pages to use SSL. For that I have:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} !^/login(\.php)?$ [NC]
RewriteCond %{REQUEST_URI} !^/contact-us(\.php)?$ [NC]
RewriteCond %{REQUEST_URI} !^/\..*$
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
RewriteCond %{HTTP_HOST} !^dev\.example\.com$ [NC]
RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{REQUEST_URI} ^/login(\.php)?$ [NC,OR]
RewriteCond %{REQUEST_URI} ^/contact-us(\.php)?$ [NC]
RewriteRule ^(.+)\.php$ https://www.example.com/$1 [R=301,L]
This works fine, and does exactly what I want it to do.
Later in my .htacess I have a:
RewriteRule ^members/(.+)/change-password$ members/.change-password.php?item=$1 [NC,QSA,L]
So if a URL appears as, for example:
http://www.example.com/members/foo-bar/change-password
Internally it would be processed as:
/members/.change-password.php?item=foo-bar
Again, this works fine and is doing what I want it too.
What I now need to do is include this in my original SSL redirect logic to ensure that any change password requests are redirected to the same URL but over https instead. I've tried:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} !^/login(\.php)?$ [NC]
RewriteCond %{REQUEST_URI} !^/contact-us(\.php)?$ [NC]
RewriteCond %{REQUEST_URI} !^/\..*$
RewriteCond %{REQUEST_URI} !^/members/.+/change-password [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
RewriteCond %{HTTP_HOST} !^dev\.example\.com$ [NC]
RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{REQUEST_URI} ^/login(\.php)?$ [NC,OR]
RewriteCond %{REQUEST_URI} ^/contact-us(\.php)?$ [NC,OR]
RewriteCond %{REQUEST_URI} ^/members/.+/change-password [NC]
RewriteRule ^(.+)\.php$ https://www.example.com/$1 [R=301,L]
But this doesn't work - I just get the page delivered over http. Changing the .+ to .* appears to put me into a permanent redirect loop.
I'm guessing this is because of the internal rewrite but no matter what I try I can't seem to resolve it.
Can anyone please advise?
Thanks,
Adam M.
A further review of the mod_rewrite documentation led me to a bit I'd missed specific to its usage in .htaccess files. Basically the [L] flag doesn't actually indicate last as per the norm. Instead you need to use the [END] flag (http://httpd.apache.org/docs/current/rewrite/flags.html#flag_l refers).
Of course that then led me to another issue - my hosting provider doesn't have an up-to-date installation of either Apache or mod_rewrite so the [END] flag triggered the ubiqitous HTTP 500 Internal Server Error.
So what to do? Well I went back to my original ruleset with the knowledge that [L] wasn't doing what I was expecting and spotted the error straight away - the %{REQUEST_URI} value had been updated by the internal rewrite:
RewriteRule ^members/(.+)/change-password$ members/.change-password.php?url-slug=$1 [NC,QSA,L]
Therefore changing my original redirection logic to exclude this resolved my issue:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} !^/login(\.php)?$ [NC]
RewriteCond %{REQUEST_URI} !^/contact-us(\.php)?$ [NC]
RewriteCond %{REQUEST_URI} !^/\..*$
RewriteCond %{REQUEST_URI} !^/members/.+/change-password$ [NC]
RewriteCond %{REQUEST_URI} !^/members/\.change-password(\.php)? [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
RewriteCond %{HTTP_HOST} !^dev\.example\.com$ [NC]
RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{REQUEST_URI} ^/login(\.php)?$ [NC,OR]
RewriteCond %{REQUEST_URI} ^/contact-us(\.php)?$ [NC,OR]
RewriteCond %{REQUEST_URI} ^/members/.+/change-password$ [NC]
RewriteRule ^(.+)(\.php)?$ https://www.example.com/$1 [R=301,L]
I'm building a preprod environment where the client and developpers will be able to check that everything is working fine for their website they are about to put up but i must disable all HTTPS redirection because at this point it would fall in the PROD site wathever the HOSTNAME is sent in the request.
This is one of the examples i'm using:
RewriteCond %{HTTP_HOST} (www\.)?domain\.com
RewriteCond %{HTTP_HOST} ^s\.domain\.com
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/?basket/$
RewriteCond %{REQUEST_URI} !^/?basket/add/
RewriteCond %{REQUEST_URI} !^/?basket/delete/
RewriteCond %{REQUEST_URI} !^/?basket/modify/
RewriteCond %{REQUEST_URI} !^/?basket//add/
RewriteCond %{REQUEST_URI} !^/?basket//delete/
RewriteCond %{REQUEST_URI} !^/?basket//modify/
RewriteCond %{REQUEST_URI} !^/?basket/info_panier.js
RewriteRule ^/?basket/.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Problem is, even if i visit:
http://s.domain.com/basket//coordonnees/login/
It still redirects me to the HTTPS version, but i have a rewrite condition on the s.domain.com saying to skip this rule... What am i doing wrong?
CrazyCoder
Never mind i found it two seconds later, but this might help other people:
The condition:
RewriteCond %{HTTP_HOST} (www\.)?domain\.com
Came clashing on the condition:
RewriteCond %{HTTP_HOST} ^s\.domain\.com
Because i didn't put a ! off the start. If i put ! before the (www.)?domain.com it will not match s.domain.com and thus work fine...
The Problem:
Been spinning my wheels and reading up on this one for awhile and looking for some help now. I'm looking to take a group of non-friendly URLs (there are actually more "groups" but this should me for an example):
domainname.com/?section=zebras
domainname.com/?section=monkeys&id=555
and turn them into friendly URLs, as well as do a 301 on the old versions, so that any old bookmarks (and search engines) will still resolve them. The new format I'm looking for would be:
domainname.com/zebras/
domainname.com/monkeys/555
I'm fully intending to write separate RewriteCond/RewriteRule combinations for each of those scenarios, so I don't necessarily need a super-rule that catches all my scenarios. Oh and this is all in .htaccess.
My Progress:
I was originally getting into a redirect loop because I was just doing two RewriteRules back to back - one for the friendly URL and one for the 301 redirect. Came across my favorite way (so far) around the redirect loop which works (for my scenario #1 at least):
RewriteCond %{ENV:REDIRECT_STATUS} !200
RewriteCond %{QUERY_STRING} ^section=zebras$ [NC]
RewriteRule ^.*$ http://www.domainname.com/zebras/? [R=301,NC,L]
RewriteRule ^zebras/$ /index\.php?section=zebras [NC,L]
However, I'd like to have something that works for more than just "zebras" (for instance, I'd like it to work for "lions" as well), so I'm trying to make that more generic. What I am trying now looks like this:
RewriteCond %{ENV:REDIRECT_STATUS} !200
RewriteCond %{QUERY_STRING} ^section=([a-z]+)$ [NC]
RewriteRule ^section=([a-z]+)$ http://www.domainname.com/$1/? [R=301,NC,L]
RewriteRule ^([a-z]+)/$ /index\.php?section=$1 [NC,L]
However, this doesn't work. I think I have something "not quite right", I just can't tell what it is - there's something I'm missing or formatting incorrectly somewhere. Sorry in advance for the lengthy description, just wanted to be clear.
Do this:
RewriteEngine on
RewriteBase /
RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule ^ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(\.\w+|/)$
RewriteRule (.*) /$1/ [R,L]
RewriteCond %{QUERY_STRING} ^section=([a-z]+)$ [NC]
RewriteRule ^ /%1/? [R=301,NC,L]
RewriteRule ^([a-z]+)/$ /index\.php?section=$1 [NC,L]
RewriteCond %{QUERY_STRING} ^section=([a-z]+)&id=(\d+)$ [NC]
RewriteRule ^ /%1/%2/? [R=302,NC,L]
RewriteRule ^([a-z]+)/(\d+)/$ /index\.php?section=$1&id=$2 [NC,L]
Description
Prevents looping:
RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule ^ - [L]
Prevents trailing slash problem:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(\.\w+|/)$
RewriteRule (.*) /$1/ [R,L]
Handles rewrites with only section=([a-z]+) in them:
RewriteCond %{QUERY_STRING} ^section=([a-z]+)$ [NC]
RewriteRule ^ /%1/? [R=302,NC,L]
RewriteRule ^([a-z]+)/$ /index\.php?section=$1 [NC,L]
Handles rewrites with only section=([a-z]+)&id=(\d+) in them:
RewriteCond %{QUERY_STRING} ^section=([a-z]+)&id=(\d+)$ [NC]
RewriteRule ^ /%1/%2/? [R=302,NC,L]
RewriteRule ^([a-z]+)/(\d+)/$ /index\.php?section=$1&id=$2 [NC,L]
mistake in your rules:
section=([a-z]+) is not available in the URI part. So, RewriteRule ^section=([a-z]+)$ never matched.
I've been trying to get a wikipedia style language thing to work. So that the url will be en.example.com for English, fr.example.com for French, etc... This is working fine however I would like the admin area to always default to base language, i.e. not set the LANGUAGE environment variable. I've tried adding RewriteCond %{REQUEST_URI} !^admin [NC] but it seems to have no effect.
My mod_rewrite code is as follows:
# Handle languages
# Picks up the language code from the browser accept-language parameter
RewriteCond %{HTTP:Accept-Language} ^([a-z]{2}).*$ [NC]
RewriteCond %{HTTP_HOST} !^[a-z]{2}\.[a-z]{2,}\. [NC]
RewriteRule ^(.*)$ http://%1.%{HTTP_HOST}/$1 [R=301]
RewriteCond %{REQUEST_URI} !^admin [NC]
RewriteCond %{HTTP_HOST} ^([a-z]{2})\.[a-z]{2,}\. [NC]
RewriteRule ^(.*)$ - [ENV=LANGUAGE:%1,QSA]
# Redirecting all requests to one script
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\+a-zA-Z0-9,%\(\)\_\ -/]+)$ /index.php [NC,L,QSA]
Thanks for any help, I'm sure it's something really stupid that is wrong, as usual.
Your problem is that REQUEST_URI doesn't start with admin, its going to have a slash in front... it might start with /admin if you have no rewrite base... so you can change it to !^/admin or just !admin or !admin/ if all your code is in foo.com/admin/*
REQUEST_URI is going to be the entire GET like "/foo/bar.html"