homepage Welcome to WebmasterWorld Guest from 54.204.94.228
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Multiple domain names redirect to HTTPS
pilot537780




msg:4572220
 8:23 am on May 9, 2013 (gmt 0)

Hi all,

I have been trying to achieve the following with .htaccess:

- primary domain example.com and www.example.com redirected to https://example.com
- secondary domain example2.com and www.example2.com redirected to https://example.com
- secondary domain example3.com and www.example3.com redirected to https://example.com
... and so on

I have searched this forum and the internet and have tried many different solutions. The one that has given me the closest result to what I want is as follows:

RewriteEngine On
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^example\.com
RewriteRule (.*) https://example.com/$1 [R=301,L]


This works great except for example.com not redirecting to https://example.com (for obvious reasons) and for the trailing slash being absent in Firefox 20.0.1 and Chrome 26 (it shows in Explorer 9).

I then tried this:

RewriteEngine On
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^https://example\.com
RewriteRule (.*) https://example.com/$1 [R=301,L]


but it did not work. My website pages stopped loading.

I would be most appreciative if someone was able to give me a hand with this.

Thank you,

Chris

 

Dideved




msg:4572245
 9:41 am on May 9, 2013 (gmt 0)

It sounds like all your cases can be summed up as: redirect if the protocol is _not_ HTTPS, *or* if the domain is _not_ example.com.

RewriteCond %{SERVER_PROTOCOL} !=HTTPS [OR]
RewriteCond %{HTTP_HOST} !=example.com
RewriteRule (.*) https://example.com/$1 [R=301,L]


> and for the trailing slash being absent in Firefox 20.0.1
> and Chrome 26 (it shows in Explorer 9).

Do you mean the slash after the domain name? Whether the browser's address bar shows this or not is purely a cosmetic decision by the browser, and there isn't any way for us to control that.

lucy24




msg:4572247
 9:43 am on May 9, 2013 (gmt 0)

What is this line intended to do?
RewriteCond %{HTTP_HOST} .
On the face of it, it means "If the http_host exists" --but there's always a host. The only question is who/what the host is.

The protocol ("http" or "https") is not part of the hostname. But it's the most obvious omission in your existing conditions. There are a couple different ways to extract the protocol; the simplest is the single word HTTPS as in
RewriteCond %{HTTPS} on
(note that it's "off: on", not "true: false")
... or in your case "off", since you want to redirect requests that are already asking for the correct hostname, but need the other protocol. This rule comes after the rule covering requests for other hostnames.

You can collapse them into a single rule, with [OR] in the conditions, if-and-only-if the condition looking at hostname is positive (HTTP_HOST is...) rather than negative (HTTP_HOST is not...). Technically you can combine them anyway, since the conditions are looking at different values. But the combination of [OR] and a negative is just asking for trouble :)

phranque




msg:4572248
 9:46 am on May 9, 2013 (gmt 0)

welcome to WebmasterWorld, Chris!


the reason the second attempt didn't work is that HTTP_HOST will not include the protocol.
you might try adding another RewriteCond using %{SERVER_PROTOCOL} as the TestString.

pilot537780




msg:4572267
 10:20 am on May 9, 2013 (gmt 0)

Thanks for your help guys.

Dideved, I tried your solution but I get an internal server error. I'll check it again tomorrow. Yes, I did mean the slash after the domain name.

Lucy 24, I got the first rewrite condition in a post from jdMorgan:

The first RewriteCond is only needed if your server is accessible via HTTP/1.0. True HTTP/1.0 requests do not include the hostname header, so this RewriteCond prevents (big) problems if the request is HTTP/1.0 and the hostname is blank. You can remove this line if you are on a shared name-based server, since such servers cannot be reached with a blank hostname.

I thought I'd leave that condition in the code since I don't see it causing any problems.

I will try to come up with a rule based on your advise and I will get back to you. it's already late here in Australia so I will do that tomorrow.

lucy24




msg:4572283
 11:17 am on May 9, 2013 (gmt 0)

I got the first rewrite condition in a post from jdMorgan:

D'oh! As soon as I saw the name I remembered that there is one situation where the host is empty-- and I should know this perfectly well because it's part of the usual domain-name-canonicalization redirect. "Exactly such-and-such or exactly nothing."

using %{SERVER_PROTOCOL}

Bingo. That's one of the six alternatives I'd gone blank on :)

Sooner or later you'll have to figure out what to do with people who are using 1.0, though. Some proxies, possibly some satellite connections. I looked it up recently; humans with 1.0 do still exist, though they're not common.

Dideved




msg:4572379
 4:13 pm on May 9, 2013 (gmt 0)

> Dideved, I tried your solution but I get an internal server
> error. I'll check it again tomorrow. Yes, I did mean the
> slash after the domain name.

That's interesting... I tested it on my local server before I posted. Can you let me know what version of Apache you're on? And can you let me know what your error log said after trying this solution?

pilot537780




msg:4572533
 12:53 am on May 10, 2013 (gmt 0)

Didevid,

My Apache version is 2.2.21. As for what the error log said, I was not able to find out. When I check the error log in my cPanel, it does not show any entries! (I will lodge a support ticket with my web host to find out why)

Dideved




msg:4572552
 3:31 am on May 10, 2013 (gmt 0)

I installed Apache 2.2.21. All default config except that I enabled mod_rewrite and created virtual hosts for the various domains... but the rewrite rules from my first post still worked. :/

So at this point, I can only figure that there's something else in the htaccess or in the main config that's causing a conflict. If you want, you can try to post your whole htaccess and main config, and one of us might be able to spot the issue. Or you can get your host to start logging errors (which is probably a good thing to do anyway).

pilot537780




msg:4572617
 8:51 am on May 10, 2013 (gmt 0)

I have used the following code and it redirects all http domains properly to https://example.com:

RewriteEngine On
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^example\.com\.au [OR]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://example.com.au/$1 [R=301,L]


If you have any comments about the syntax in the above code, please let me know.

Whilst I was checking if the redirects were working, I found another problem. If the address I enter is https://example2.com then I get an SSL certificate error message (the SSL certificate is for example.com). If I click on "continue to this website", I am then correctly redirected to https://example.com. Is there a way to avoid the SSL certificate error?

Didevid, there was nothing else in my htaccess so there must be something in the main config that prevents your code to work (I do not have access to that config file).

[edited by: engine at 9:46 am (utc) on May 10, 2013]
[edit reason] examplified [/edit]

lucy24




msg:4572801
 6:38 pm on May 10, 2013 (gmt 0)

RewriteCond %{HTTP_HOST} !^example\.com\.au
Did you intentionally leave off the closing anchor? If a specific port number is required, include it before the closing anchor. If it's optional, the form would be

!^example\.com\.au(:1234)?$

Whenever a rule has more than one condition, list them in order of "most likely to fail". For testing it may be convenient to put them in some other order so it makes intuitive sense-- easier for you to read and debug. But once it's working, go for efficiency. For example, if most of your visitors are already https, put that condition first.

phranque




msg:4572926
 12:06 am on May 11, 2013 (gmt 0)

Is there a way to avoid the SSL certificate error?


the secure handshake must occur before the web connection is made, so there's no way to redirect first to avoid that message.

if you are accepting secure connections for example2.com you should have a secure certificate for that hostname.

pilot537780




msg:4573391
 2:31 am on May 13, 2013 (gmt 0)

lucy24,

No, I did not leave off the closing anchor intentionally. My knowledge of htaccess is quite limited. I wrote the code based on code snippets I found on the net and they did not have closing anchors. What is the significance of the closing anchor?

As for the order of my conditions, they were already in the right order (again, not intentionally! :-)) but thanks for the tip. It will certainly be useful in the future.

phranque,

example2.com, example3.com, etc are all domains I bought to prevent competitors from buying them. They do not have a secure certificate. I will ask my web host if there is any way to refuse secure connections for these domains.

lucy24




msg:4573398
 3:29 am on May 13, 2013 (gmt 0)

Opening and closing anchors are basically what the name says.

foobar = text contains "foobar"
^foobar = text begins "foobar"
foobar$ = text ends "foobar"
^foobar$ = text begins and ends (i.e. is exactly) "foobar"

In the particular case of testing for hosts, leaving off the closing anchor means "there may or may not be a port number here". It's generally only for insurance, since the chances are very small that someone will come in asking for any specific port number, let alone the wrong one. Opening anchors on the other hand are essential because that's where you determine whether the host does or does not include "www." or perhaps a subdomain name.

Anchors aren't specific to htaccess. It's how Regular Expressions work everywhere. The most important .htaccess-specific feature of Regular Expressions is that you have to escape literal spaces, even inside grouping brackets, because a space has syntactic meaning almost everywhere in Apache. Sometimes you also have to escape / slashes, but luckily not in mod_rewrite or mod_alias.

pilot537780




msg:4573955
 6:43 am on May 14, 2013 (gmt 0)

lucy24,

Thank you for the explanation. I will leave the closing anchor off. Nothing wrong with insurance!

Thank you to everyone for the advice. I would not have been able to get my domain redirects working without your help.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved