This is what I use:

RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

Your closest example is the second code block.

Think about requests for example.com/ and example.com:80/ and www.example.com:80/ for starters.

All of your examples fail to redirect at least one of those non-canonical forms.

Thanks g1smd

Can you explain why it's important to put the port in there? And is it the same port on all servers?

It is likely that requests for

example.com/

and

example.com:80/

will return the same content. Likewise,

www.example.com/

and

www.example.com:80/

will also return that same content.

That's a Duplicate Content issue if any of those alternative, non-canonical URLs become indexed, therefore you will also want to redirect any request "with port" (both www and non-www) to "www without port".

Your examples will individually redirect either "non-www with port" or will redirect "www with port" but will not redirect both.

Most servers will be using port 80 for HTTP and port 443 for HTTPS, but there can be exceptions.

Let's make this explicitly clear:

# Redirect *all* non-blank, non-canonical hostname requests to the canonical hostname
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L] 

In short, if the requested hostname is not blank, then unless it is exactly, precisely "www.example.com", you get a redirect.

So,
example.com
example.com.
example.com:80
example.com.:80
www.example.com.
www.example.com:80
www.example.com.:80
www.www.example.com -- and all the above variations of it,
WwW.eXaMpLe.CoM -- and all the above variations

all of these perfectly-valid but non-canonical hostnames get redirected to *exactly* www.example.com

The exclusion for a blank hostname is "cheap insurance" against an actual HTTP/1.0 client request to this server. HTTP/1.0 clients cannot and do not include a Host header in their requests, which leaves the HTTP_HOST variable blank. Obviously a blank hostname would not match "exactly www.example.com" and if you redirected it, then that client would make another HTTP request, again with no Host header, and you would have yourself a nice 'infinite loop.'

This is of no concern with name-based virtual servers, since such servers cannot be reached by true HTTP/1.0 clients. But again, the exclusion is cheap insurance even on such servers -- which might conceivably get moved to an IP-based virtual hosting account at some point in the future, opening up this self-inflicted-DOS-attack vulnerability.

Jim

Thanks Guys